Main Vulnerability Database Vulnerabilities #VU59237

#VU59237 Security restrictions bypass in containerd - CVE-2021-43816

Published: January 6, 2022

Vulnerability identifier: #VU59237

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-43816

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
containerd

Software vendor:
containerd

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logic issue, which causes arbitrary files and directories on the host to be relabeled to match the container process label through the use of specially-configured bind mounts in a hostPath volume. A local user can place the in-container location of the hostPath volume mount at either `/etc/hosts`, `/etc/hostname`, or `/etc/resolv.conf` and gain read/write access to arbitrary file on the system.

The vulnerability affects containerd installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS.

Remediation

Install updates from vendor's website.

External links

https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c

#VU59237 Security restrictions bypass in containerd - CVE-2021-43816

Description

Remediation

External links

Please verify you're human