UNIX symbolic link following in Podman - CVE-2019-18466
Published: April 1, 2020
Podman
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue in libpod (podman) in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host.
Successful exploitation of this vulnerability may result in privilege escalation on the host operating system.
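The general mitigation for this class of bug is to resolve every path component of the copy source as if the container root were `/`, instead of letting the host resolve the image's symlinks. The Go sketch below is an added example, not Podman's code or its actual fix; `ResolveInRoot` and the rootfs path are hypothetical names chosen for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ResolveInRoot (hypothetical helper) resolves unsafePath as if root were "/",
// so a symlink planted in the image can never name a path outside root.
// It does not close the check/use race: root must not change while the copy runs.
func ResolveInRoot(root, unsafePath string) (string, error) {
	remaining := strings.Split(filepath.ToSlash(unsafePath), "/")
	cur := "/" // resolved location so far, relative to root
	for hops := 0; len(remaining) > 0; {
		part := remaining[0]
		remaining = remaining[1:]
		if part == "" || part == "." {
			continue
		}
		next := filepath.Clean(filepath.Join(cur, part)) // ".." at "/" stays "/"
		fi, err := os.Lstat(filepath.Join(root, next))
		if err != nil && !os.IsNotExist(err) {
			return "", err
		}
		if part == ".." || err != nil || fi.Mode()&os.ModeSymlink == 0 {
			cur = next // plain component, or not present yet
			continue
		}
		if hops++; hops > 255 {
			return "", errors.New("too many levels of symbolic links")
		}
		target, err := os.Readlink(filepath.Join(root, next))
		if err != nil {
			return "", err
		}
		if filepath.IsAbs(target) {
			cur = "/" // absolute target restarts at the container root, not the host root
		}
		remaining = append(strings.Split(target, "/"), remaining...)
	}
	return filepath.Join(root, cur), nil
}

func main() {
	// Constructed call: the rootfs path is a placeholder, not a real Podman path.
	fmt.Println(ResolveInRoot("/tmp/example-rootfs", "link/../../etc/passwd"))
}
```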