GHSA-7452-XQPJ-6RPC
Vulnerability from github – Published: 2024-01-31 23:14 – Updated: 2024-06-10 18:39
VLAI?
Summary
moby Access to remapped root allows privilege escalation to real root
Details
Impact
When using --userns-remap, if the root user in the remapped namespace has access to the host filesystem they can modify files under /var/lib/docker/<remapping> that cause writing files with extended privileges.
Patches
Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.
Credits
Maintainers would like to thank Alex Chapman for discovering the vulnerability; @awprice, @nathanburrell, @raulgomis, @chris-walz, @erin-jensby, @bassmatt, @mark-adams, @dbaxa for working on it and Zac Ellis for responsibly disclosing it to security@docker.com
Severity ?
6.8 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/moby/moby"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "19.3.15"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/moby/moby"
},
"ranges": [
{
"events": [
{
"introduced": "20.10.0-beta1"
},
{
"fixed": "20.10.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-21284"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-31T23:14:25Z",
"nvd_published_at": "2021-02-02T18:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nWhen using `--userns-remap`, if the root user in the remapped namespace has access to the host filesystem they can modify files under `/var/lib/docker/\u003cremapping\u003e` that cause writing files with extended privileges.\n\n### Patches\n\nVersions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.\n\n### Credits\n\nMaintainers would like to thank Alex Chapman for discovering the vulnerability; @awprice, @nathanburrell, @raulgomis, @chris-walz, @erin-jensby, @bassmatt, @mark-adams, @dbaxa for working on it and Zac Ellis for responsibly disclosing it to security@docker.com",
"id": "GHSA-7452-xqpj-6rpc",
"modified": "2024-06-10T18:39:17Z",
"published": "2024-01-31T23:14:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/moby/moby/security/advisories/GHSA-7452-xqpj-6rpc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21284"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/commit/64bd4485b3a66a597c02c95f5776395e540b2c7c"
},
{
"type": "WEB",
"url": "https://docs.docker.com/engine/release-notes/#20103"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/releases/tag/v19.03.15"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/releases/tag/v20.10.3"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-23"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210226-0005"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4865"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "moby Access to remapped root allows privilege escalation to real root"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…