SynopsisThe remote SUSE host is missing one or more security updates.
DescriptionThe remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3766-1 advisory.
- A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)
- An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1.
When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as ../ separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
- An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. (CVE-2022-2990)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpdate the affected buildah, libgpg-error-devel, libgpg-error0 and / or libgpg-error0-32bit packages.
File Name: suse_SU-2022-3766-1.nasl
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: p-cpe:/a:novell:suse_linux:libgpg-error0, p-cpe:/a:novell:suse_linux:buildah, p-cpe:/a:novell:suse_linux:libgpg-error-devel, p-cpe:/a:novell:suse_linux:libgpg-error0-32bit, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: Exploits are available
Patch Publication Date: 10/26/2022
Vulnerability Publication Date: 3/31/2020