Fedora 33 update for buildah, containernetworking-plugins, containers-common, podman, skopeo

1) Improper Protection of Alternate Path

EUVDB-ID: #VU55590

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-20206

CWE-ID: CWE-424 - Improper Protection of Alternate Path

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the affected system.

the vulnerability exists due to improper input validation. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows a remote user to execute other existing binaries other than the cni plugins/types, such as 'reboot'.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Fedora: 33

skopeo: before 1.2.2-1.fc33

podman: before 3.0.1-1.fc33

containers-common: before 1-4.fc33

containernetworking-plugins: before 0.9.1-2.fc33

buildah: before 1.19.6-2.fc33

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
• cpe:2.3:a:fedoraproject:skopeo:*:*:*:*:*:fedora:*:*
• cpe:2.3:a:fedoraproject:podman:*:*:*:*:*:fedora:*:*
• cpe:2.3:a:fedoraproject:containers-common:*:*:*:*:*:fedora:*:*
• cpe:2.3:a:fedoraproject:containernetworking-plugins:*:*:*:*:*:fedora:*:*
• cpe:2.3:a:fedoraproject:buildah:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-2021-fb466fb623

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.