漏洞标题
存档包允许对解压缩目标目录以外的文件进行 chmod 操作
漏洞描述信息
存档包允许对解压目标目录之外的文件进行chmod操作
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
漏洞类别
N/A
漏洞标题
Archive package allows chmod of file outside of unpack target directory
漏洞描述信息
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
漏洞类别
将资源暴露给错误范围
漏洞标题
Apache Containerd 权限许可和访问控制问题漏洞
漏洞描述信息
containerd是美国阿帕奇(Apache)基金会的一个容器守护进程。该进程根据 RunC OCI 规范负责控制宿主机上容器的完整周期。 Containerd 1.4.8之前版本和1.5.4之前版本存在安全漏洞,该漏洞源于一个特殊制作的容器映像会导致主机文件系统中现有文件的Unix文件权限发生更改。对文件权限的更改可以拒绝对文件所有者的访问,扩大对其他人的访问。
CVSS信息
N/A
漏洞类别
权限许可和访问控制问题