Main Vulnerability Database Exploits ID:8917 - Exploit for Insecure dynamic library loading in Docker - CVE-2019-14271

ID:8917 - Exploit for Insecure dynamic library loading in Docker - CVE-2019-14271

Published: March 16, 2023

Vulnerability identifier: #VU20969

Vulnerability risk: Medium

CVE-ID: CVE-2019-14271

CWE-ID: CWE-427

Exploitation vector: Local access

Vulnerable software:
Docker

Link to public exploit:

https://github.com/iridium-soda/CVE-2019-14271_Exploit

Vulnerability description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to the application loads NSS libraries in docker cp in an insecure manner. A local attacker can pass a specially crafted library file to the application and execute arbitrary code on the system with elevated privileges.

Remediation

Install updates from vendor's website.

ID:8917 - Exploit for Insecure dynamic library loading in Docker - CVE-2019-14271

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human