Detections
Analytics

Alpine: multiple podman packages: security update to 3.4.2-r0 (deprecated)

medium Tenable Cloud Security Plugin ID 400011

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

 - A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual
 machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is
 accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an
 attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making
 private services on the VM accessible to the network. This issue could be also used to interrupt the
 host's services by forwarding all ports to the VM. (CVE-2021-4024)

 - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution
 of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone
 was used to determine the type of document during push and pull operations. Documents that contain both
 “manifests” and “layers” fields could be interpreted as either a manifest or an index in the absence of an
 accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a
 client may interpret the resulting content differently. The OCI Distribution Specification has been
 updated to require that a mediaType value present in a manifest or index match the Content-Type header
 used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type
 header and reject an ambiguous document that contains both “manifests” and “layers” fields or “manifests”
 and “config” fields if they are unable to update to version 1.0.1 of the spec. (CVE-2021-41190)

See Also

https://git.alpinelinux.org/aports/commit/?id=5ed3a07407b49691fc37480b1da129949b0e8789

https://git.alpinelinux.org/aports/commit/?id=d16b1f16df08d918301f31e26e2d61c49a49e8e5

Plugin Details

Severity: Medium

ID: 400011

Version: Revision 1.33

Type: Local

Published: 1/31/2022

Updated: 1/17/2024

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2021-4024

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 12/11/2021

Vulnerability Publication Date: 11/17/2021

Reference Information

CVE: CVE-2021-4024, CVE-2021-41190