Description
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization by adding a symlink to the rootfs that points to a directory on the volume.
Report
The flaw, an Incorrect Access Control issue in libcontainer/rootfs_linux.go, is rated moderate because of the preconditions for exploiting it and the access an attacker must already hold. An attacker needs to be able to spawn two containers with custom volume-mount configurations and to run custom images in them, which limits the attack to scenarios where the attacker already has some access to the container environment. The impact is an escalation of privileges that could give the attacker elevated permissions on the host system; that impact is significant, but the specific conditions required for successful exploitation keep the overall severity at moderate. The issue exists because of a regression of CVE-2019-19921.
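The description above says the attack works by placing a symlink in the container rootfs that points at a directory on the shared volume, so that a mount target resolved through it lands outside the rootfs. The Go program below is an added example, not runc's own code (runc's real handling lives in libcontainer/rootfs_linux.go and also has to defend against the rootfs changing concurrently, which is the race in this CVE and which this snippet does not address). It builds a constructed fixture in a temporary directory: a fake rootfs whose `etc` is a symlink to a sibling `volume` directory, then contrasts naive symlink resolution (which escapes the rootfs) with a component-wise resolution that re-roots absolute link targets and clamps `..` at the rootfs. All function names, paths and the fixture layout are assumptions made for this example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// splitComponents returns the non-empty, non-"." components of p.
func splitComponents(p string) []string {
	var out []string
	for _, c := range strings.Split(filepath.ToSlash(p), "/") {
		if c != "" && c != "." {
			out = append(out, c)
		}
	}
	return out
}

// SecureJoin resolves unsafePath inside root: absolute symlink targets are
// re-rooted at root and ".." is clamped at root, so the result always lies
// beneath root. Missing components are kept literally so the caller may create
// them. It is a lexical Lstat walk, so a rootfs that changes concurrently (the
// race behind this CVE) still has to be handled by the caller.
func SecureJoin(root, unsafePath string) (string, error) {
	var parts []string // resolved components relative to root
	queue := splitComponents(unsafePath)
	for follows := 0; len(queue) > 0; {
		comp := queue[0]
		queue = queue[1:]
		if comp == ".." {
			if len(parts) > 0 {
				parts = parts[:len(parts)-1]
			}
			continue // ".." at root stays at root
		}
		candidate := filepath.Join(root, filepath.Join(parts...), comp)
		fi, err := os.Lstat(candidate)
		if err != nil && !os.IsNotExist(err) {
			return "", err
		}
		if err != nil || fi.Mode()&os.ModeSymlink == 0 {
			parts = append(parts, comp) // plain entry, or not created yet
			continue
		}
		if follows++; follows > 40 { // bound expansion so a link loop cannot hang us
			return "", fmt.Errorf("too many symlinks resolving %q", unsafePath)
		}
		target, err := os.Readlink(candidate)
		if err != nil {
			return "", err
		}
		if filepath.IsAbs(target) {
			parts = parts[:0] // "/x" inside the rootfs means "<root>/x", never host "/x"
		}
		queue = append(splitComponents(target), queue...)
	}
	return filepath.Join(root, filepath.Join(parts...)), nil
}

// NaiveResolve is the unsafe pattern: let the OS follow every symlink, even ones leaving the rootfs.
func NaiveResolve(rootfs, dest string) (string, error) {
	return filepath.EvalSymlinks(filepath.Join(rootfs, dest))
}

// InsideRoot reports whether p is root itself or lies beneath it.
func InsideRoot(root, p string) bool {
	rel, err := filepath.Rel(root, p)
	return err == nil && rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// BuildScenario creates a constructed fixture in a fresh temp dir: a fake rootfs
// whose "etc" symlink escapes to a sibling directory standing in for the shared
// volume, the shape of rootfs an attacker-controlled image could carry.
func BuildScenario() (dir, rootfs, volume string, err error) {
	if dir, err = os.MkdirTemp("", "runc-mount-demo"); err != nil {
		return "", "", "", err
	}
	if dir, err = filepath.EvalSymlinks(dir); err != nil { // e.g. /var -> /private/var
		return dir, "", "", err
	}
	rootfs, volume = filepath.Join(dir, "rootfs"), filepath.Join(dir, "volume")
	for _, d := range []string{rootfs, volume} {
		if err = os.MkdirAll(d, 0o755); err != nil {
			return dir, "", "", err
		}
	}
	err = os.Symlink("../volume", filepath.Join(rootfs, "etc"))
	return dir, rootfs, volume, err
}

func main() {
	dir, rootfs, _, err := BuildScenario()
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	naive, _ := NaiveResolve(rootfs, "etc")
	safe, _ := SecureJoin(rootfs, "etc/passwd")
	fmt.Printf("naive: %s (inside rootfs: %v)\n", naive, InsideRoot(rootfs, naive))
	fmt.Printf("safe:  %s (inside rootfs: %v)\n", safe, InsideRoot(rootfs, safe))
}
```

Run it with `go run .`; the naive path resolves to the host-side `volume` directory beside the rootfs, while `SecureJoin` keeps every result beneath the rootfs. The check is only the lexical half of a fix: because the walk and the later mount are separate steps, a rootfs an attacker can modify between them still needs the mount performed in a way that cannot be redirected after the check.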
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | runc | Out of support scope | | |
| Red Hat Enterprise Linux 8 | container-tools:3.0/runc | Affected | | |
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.11 | runc | Out of support scope | | |
| Red Hat OpenShift Container Platform 4 | microshift | Will not fix | | |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-pod | Not affected | | |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-tests | Will not fix | | |
| Red Hat OpenShift Container Platform Assisted Installer 1 | rhai-tech-preview/assisted-installer-agent-rhel8 | Not affected | | |
| Red Hat OpenShift Container Platform Assisted Installer 1 | rhai-tech-preview/assisted-installer-reporter-rhel8 | Not affected | | |
| Red Hat OpenShift Container Platform Assisted Installer 1 | rhai-tech-preview/assisted-installer-rhel8 | Not affected | | |
Additional information
CVSS3: 7 (High)
Related vulnerabilities
Opencontainers runc Incorrect Authorization vulnerability