Описание
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the type field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as reboot. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Отчет
OpenShift ServiceMesh (OSSM) does package a vulnerable version of containernetworking/cni, however, the NetworkDefinitionAttachment is defined in code and cannot be easily changed except through a user who has access to the operator namespace such as cluster-admin. As such, for OSSM, the impact is Moderate. The fix for podman was released as a part of OpenShift 4.8 and is included in future releases.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Service Mesh 2.0 | servicemesh-cni | Affected | ||
| Red Hat Advanced Cluster Management for Kubernetes 2 | cni | Not affected | ||
| Red Hat Enterprise Linux 7 | buildah | Out of support scope | ||
| Red Hat Enterprise Linux 7 | containernetworking-plugins | Out of support scope | ||
| Red Hat Enterprise Linux 7 | podman | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/buildah | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/containernetworking-plugins | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/podman | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/buildah | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/containernetworking-plugins | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.2 High
CVSS3
Связанные уязвимости
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
An improper limitation of path name flaw was found in containernetwork ...
EPSS
7.2 High
CVSS3