SUSE update for libcontainers-common
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2020-14370 CVE-2020-15157 CVE-2021-20199 CVE-2021-20291 CVE-2021-3602 |
| CWE-ID | CWE-200 CWE-522 CWE-346 CWE-667 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SUSE Enterprise Storage Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Operating systems & Components / Operating system SUSE Linux Enterprise Server Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system SUSE CaaS Platform Operating systems & Components / Operating system libcontainers-common Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU47117
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14370
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way application processes environment variables with deprecated Varlink API or the Docker-compatible REST API. If multiple containers are created in a short duration, the environment variables from the first container gets leaked into subsequent containers. A remote user with control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
MitigationUpdate the affected package libcontainers-common to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 6 - 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP2
SUSE Linux Enterprise Server: 15-SP1-BCL - 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP1-ESPOS - 15-SP2-LTSS
SUSE CaaS Platform: 4.0
libcontainers-common: before 20210626-150100.3.15.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insufficiently protected credentials
EUVDB-ID: #VU48721
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15157
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers.
If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user's username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account.
The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it.
MitigationUpdate the affected package libcontainers-common to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 6 - 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP2
SUSE Linux Enterprise Server: 15-SP1-BCL - 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP1-ESPOS - 15-SP2-LTSS
SUSE CaaS Platform: 4.0
libcontainers-common: before 20210626-150100.3.15.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Origin validation error
EUVDB-ID: #VU50275
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20199
CWE-ID:
CWE-346 - Origin Validation Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to missing authentication when connecting from all sources. A remote attacker can send a specially crafted request and bypass access restrictions to containerized applications.
MitigationUpdate the affected package libcontainers-common to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 6 - 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP2
SUSE Linux Enterprise Server: 15-SP1-BCL - 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP1-ESPOS - 15-SP2-LTSS
SUSE CaaS Platform: 4.0
libcontainers-common: before 20210626-150100.3.15.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper locking
EUVDB-ID: #VU62797
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20291
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to double-locking error. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
MitigationUpdate the affected package libcontainers-common to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 6 - 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP2
SUSE Linux Enterprise Server: 15-SP1-BCL - 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP1-ESPOS - 15-SP2-LTSS
SUSE CaaS Platform: 4.0
libcontainers-common: before 20210626-150100.3.15.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU54940
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3602
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to podman build command with the --isolation chroot flag includes environment variables from the host. A remote attacker with access to the container can obtain sensitive information from environment variables.
Update the affected package libcontainers-common to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 6 - 7.1
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP2
SUSE Linux Enterprise Server: 15-SP1-BCL - 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing: 15-SP1-ESPOS - 15-SP2-LTSS
SUSE CaaS Platform: 4.0
libcontainers-common: before 20210626-150100.3.15.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
