CVE-2021-30465

high
Description

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

References

https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r

https://github.com/opencontainers/runc/releases

http://www.openwall.com/lists/oss-security/2021/05/19/2

https://lists.fedoraproject.org/archives/list/[email protected]/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV/

https://lists.fedoraproject.org/archives/list/[email protected]/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH/

https://bugzilla.opensuse.org/show_bug.cgi?id=1185405

https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f

https://security.netapp.com/advisory/ntap-20210708-0003/

Details

Source: MITRE

Published: 2021-05-27

Updated: 2021-07-10

Type: CWE-22

Risk Information

CVSS v2

Base Score: 6

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.8

Severity: MEDIUM

CVSS v3

Base Score: 8.5

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 154100 | SUSE SLES12 Security Update : containerd, docker, runc (SUSE-SU-2021:3336-1) | Nessus | SuSE Local Security Checks | medium |
| 153713 | EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2021-2523) | Nessus | Huawei Local Security Checks | high |
| 153702 | EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2021-2547) | Nessus | Huawei Local Security Checks | high |
| 152329 | EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2021-2292) | Nessus | Huawei Local Security Checks | high |
| 151692 | openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:1954-1) | Nessus | SuSE Local Security Checks | high |
| 151114 | Oracle Linux 7 : docker-engine / docker-cli (ELSA-2021-9329) | Nessus | Oracle Linux Local Security Checks | high |
| 151113 | Oracle Linux 7 : docker-engine / docker-cli (ELSA-2021-15112) | Nessus | Oracle Linux Local Security Checks | high |
| 151074 | openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:0878-1) | Nessus | SuSE Local Security Checks | high |
| 150841 | CentOS 8 : container-tools:2.0 (CESA-2021:2291) | Nessus | CentOS Local Security Checks | high |
| 150839 | CentOS 8 : container-tools:3.0 (CESA-2021:2370) | Nessus | CentOS Local Security Checks | high |
| 150832 | CentOS 8 : container-tools:rhel8 (CESA-2021:2371) | Nessus | CentOS Local Security Checks | high |
| 150823 | RHEL 8 : container-tools:3.0 (RHSA-2021:2370) | Nessus | Red Hat Local Security Checks | high |
| 150813 | RHEL 8 : container-tools:rhel8 (RHSA-2021:2371) | Nessus | Red Hat Local Security Checks | high |
| 150748 | Oracle Linux 8 : container-tools:3.0 (ELSA-2021-2370) | Nessus | Oracle Linux Local Security Checks | high |
| 150747 | Oracle Linux 8 : container-tools:ol8 (ELSA-2021-2371) | Nessus | Oracle Linux Local Security Checks | high |
| 150729 | SUSE SLES15 Security Update : containerd, docker, runc (SUSE-SU-2021:1954-1) | Nessus | SuSE Local Security Checks | high |
| 150688 | Oracle Linux 7 : runc (ELSA-2021-9298) | Nessus | Oracle Linux Local Security Checks | high |
| 150505 | SUSE SLES12 Security Update : runc (SUSE-SU-2021:1885-1) | Nessus | SuSE Local Security Checks | high |
| 150500 | Oracle Linux 8 : container-tools:2.0 (ELSA-2021-2291) | Nessus | Oracle Linux Local Security Checks | high |
| 150433 | RHEL 7 : OpenShift Container Platform 3.11.452 bug fix and (RHSA-2021:2150) | Nessus | Red Hat Local Security Checks | high |
| 150375 | RHEL 8 : container-tools:2.0 (RHSA-2021:2292) | Nessus | Red Hat Local Security Checks | high |
| 150235 | Photon OS 4.0: Runc PHSA-2021-4.0-0035 | Nessus | PhotonOS Local Security Checks | high |
| 149980 | RHEL 7 : OpenShift Container Platform 4.5.40 (RHSA-2021:2057) | Nessus | Red Hat Local Security Checks | high |
| 149978 | RHEL 7 : OpenShift Container Platform 4.6.30 packages and (RHSA-2021:1566) | Nessus | Red Hat Local Security Checks | high |
| 149876 | RHEL 7 / 8 : OpenShift Container Platform 4.7.12 packages and (RHSA-2021:1562) | Nessus | Red Hat Local Security Checks | high |
| 149832 | Photon OS 2.0: Runc PHSA-2021-2.0-0347 | Nessus | PhotonOS Local Security Checks | high |
| 149827 | Photon OS 1.0: Runc PHSA-2021-1.0-0388 | Nessus | PhotonOS Local Security Checks | high |
| 149821 | Photon OS 3.0: Runc PHSA-2021-3.0-0239 | Nessus | PhotonOS Local Security Checks | high |
| 149783 | Amazon Linux AMI : runc (ALAS-2021-1499) | Nessus | Amazon Linux Local Security Checks | high |
| 149742 | Ubuntu 18.04 LTS / 20.04 LTS : runC vulnerability (USN-4960-1) | Nessus | Ubuntu Local Security Checks | high |