#VU51017 Security restrictions bypass in Podman - CVE-2021-20188

 


Published: March 2, 2021


Vulnerability identifier: #VU51017
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-20188
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Podman
Software vendor: Container Projects

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because file permissions for non-root users running in a privileged container are not correctly checked. A local low-privileged user inside the container can access arbitrary files in the container regardless of file permissions; for example, even files owned by the root user inside the container are accessible.

Successful exploitation of the vulnerability may allow a local user to escalate privileges on the system.


Remediation

Install updates from the vendor's website.
