You should verify that all the registry certificate files (usually found under /etc/docker/certs.d/ directory) have permissions of 444 or are set more restrictively.
Recommended Mitigation
You should execute the following command: find /etc/docker/certs.d/ -type f -exec chmod 0444 . This would set the permissions for the registry certificate files to 444.