Description
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the ploop container root.hdd file and then access a control panel.
| Release | Status | Note |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 4.9.4-1 |
| cosmic | not-affected | 4.9.4-1 |
| devel | not-affected | 4.9.4-1 |
| disco | not-affected | 4.9.4-1 |
| esm-apps/bionic | not-affected | 4.9.4-1 |
| esm-apps/xenial | not-affected | 4.9.4-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise | not-affected | |
| precise/esm | DNE | precise was not-affected |
CVSS2: 3.6 Low