Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Archive package allows chmod of file outside of unpack target directory
Vulnerability Description
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
将资源暴露给错误范围
Vulnerability Title
Apache Containerd 权限许可和访问控制问题漏洞
Vulnerability Description
containerd是美国阿帕奇(Apache)基金会的一个容器守护进程。该进程根据 RunC OCI 规范负责控制宿主机上容器的完整周期。 Containerd 1.4.8之前版本和1.5.4之前版本存在安全漏洞,该漏洞源于一个特殊制作的容器映像会导致主机文件系统中现有文件的Unix文件权限发生更改。对文件权限的更改可以拒绝对文件所有者的访问,扩大对其他人的访问。
CVSS Information
N/A
Vulnerability Type
N/A