Gentoo update for runC



Published: 2020-03-15 | Updated: 2023-01-23
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2019-16884
CVE-2019-19921
CVE-2019-5736
CWE-ID CWE-264
CWE-284
Exploitation vector Local
Public exploit Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
Gentoo Linux
Operating systems & Components / Operating system

Vendor Gentoo

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU22482

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-16884

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect checking of the mount targets in libcontainer/rootfs_linux.go in runc. A local user can bypass AppArmor restrictions and perform unauthorized actions on the system, as demonstrated by overwriting the /proc directory with a malicious Doker image.

Mitigation

Update the affected packages.
app-emulation/runc to version:

Vulnerable software versions

Gentoo Linux: All versions


CPE2.3 External links

http://security.gentoo.org/
http://security.gentoo.org/glsa/202003-21

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Improper access control

EUVDB-ID: #VU25847

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-19921

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions, related to libcontainer/rootfs_linux.go in runc. A local user with ability to spawn two containers with custom volume-mount configurations, and run custom images can escalate privileges on the system.

Mitigation

Update the affected packages.
app-emulation/runc to version:

Vulnerable software versions

Gentoo Linux: All versions


CPE2.3 External links

http://security.gentoo.org/
http://security.gentoo.org/glsa/202003-21

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Privilege escalation

EUVDB-ID: #VU17474

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5736

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain elevated privileges.

The weakness exists in the runc container runtime due to file-descriptor mishandling, related to /proc/self/exe. A remote attacker can leverage the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec, overwrite the host runc binary with minimal user interaction and execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.
app-emulation/runc to version:

Vulnerable software versions

Gentoo Linux: All versions


CPE2.3 External links

http://security.gentoo.org/
http://security.gentoo.org/glsa/202003-21

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###