Описание
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root.
Отчет
This issue only affected a single version of the docker packages as shipped with Red Hat Enterprise Linux 7 Extras - docker-1.13.1-108.git4ef4b30.el7. This version was released on January 8th 2020 via erratum RHBA-2020:0053 and the problem was corrected in version docker-1.13.1-109.gitcccb291.el7_7 released on February 4th 2020 via erratum RHBA-2020:0427. This CVE is listed as fixed in erratum RHSA-2020:2653 released on June 23rd 2020. However, the erratum RHSA-2020:2653 does not provide any new or improved fix compared to RHBA-2020:0427 and it was released to ensure proper visibility of the problem to users and security scanning tools, as the fix was originally released via a non-security bug fix erratum. The current version of OpenShift Container Platform (OCP) 3.11 is not affected because it installs the latest package from the Red Hat Enterprise Linux 7 Extras repository. If on an earlier version of OCP 3.11 be sure to update to a docker package later than 1.13.1-108.git4ef4b30.el7.
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured c ...
EPSS
7.5 High
CVSS3