GHSA-7452-xqpj-6rpc

Suggest an improvement
Source
https://github.com/advisories/GHSA-7452-xqpj-6rpc
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-7452-xqpj-6rpc/GHSA-7452-xqpj-6rpc.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-7452-xqpj-6rpc
Aliases
Related
Published
2024-01-31T23:14:25Z
Modified
2024-06-10T18:39:17Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N CVSS Calculator
Summary
moby Access to remapped root allows privilege escalation to real root
Details

Impact

When using --userns-remap, if the root user in the remapped namespace has access to the host filesystem they can modify files under /var/lib/docker/<remapping> that cause writing files with extended privileges.

Patches

Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.

Credits

Maintainers would like to thank Alex Chapman for discovering the vulnerability; @awprice, @nathanburrell, @raulgomis, @chris-walz, @erin-jensby, @bassmatt, @mark-adams, @dbaxa for working on it and Zac Ellis for responsibly disclosing it to security@docker.com

Database specific
{
    "nvd_published_at": "2021-02-02T18:15:00Z",
    "cwe_ids": [
        "CWE-22"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-31T23:14:25Z"
}
References

Affected packages

Go / github.com/moby/moby

Package

Name
github.com/moby/moby
View open source insights on deps.dev
Purl
pkg:golang/github.com/moby/moby

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
19.3.15

Go / github.com/moby/moby

Package

Name
github.com/moby/moby
View open source insights on deps.dev
Purl
pkg:golang/github.com/moby/moby

Affected ranges

Type
SEMVER
Events
Introduced
20.10.0-beta1
Fixed
20.10.3