Detections
Analytics
Alibaba Cloud Linux 3 : 0013: container-tools:rhel8 (ALINUX3-SA-2021:0013)
high Nessus Plugin ID 236549
Synopsis
The remote Alibaba Cloud Linux host is missing one or more security updates.Description
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0013 advisory.Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2019-10214:
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.
CVE-2019-18466:
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host.
CVE-2019-9514:
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CVE-2020-10696:
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
CVE-2020-14040:
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
CVE-2020-14370:
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
CVE-2020-1702:
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.
CVE-2020-1726:
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20210013.xml
Plugin Details
Severity: High
ID: 236549
File Name: alinux3_sa_2021-0013.nasl
Version: 1.2
Type: local
Published: 5/14/2025
Updated: 5/15/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2020-10696
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:oci-seccomp-bpf-hook-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:criu-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-remote-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:runc-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:containernetworking-plugins-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:skopeo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:buildah-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:fuse-overlayfs, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:crit, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-criu, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:crun-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:slirp4netns, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:criu, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-remote, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-catatonit-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:skopeo-tests, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:udica, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:crun-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:buildah-tests-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:conmon-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:skopeo-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:conmon, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:crun, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:runc-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-catatonit, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:slirp4netns-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:containers-common, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:conmon-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:buildah, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:container-selinux, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:containernetworking-plugins, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:oci-seccomp-bpf-hook-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:oci-seccomp-bpf-hook, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:fuse-overlayfs-debugsource, cpe:/o:alibabacloud:alibaba_cloud_linux_3, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-plugins-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:buildah-tests, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:buildah-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:runc, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:criu-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:slirp4netns-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:containernetworking-plugins-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:skopeo-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:fuse-overlayfs-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:cockpit-podman, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-docker, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-tests, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-plugins
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Alibaba/release, Host/Alibaba/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/10/2021
Vulnerability Publication Date: 8/9/2019
Reference Information
CVE: CVE-2019-10214, CVE-2019-18466, CVE-2019-9514, CVE-2020-10696, CVE-2020-14040, CVE-2020-14370, CVE-2020-1702, CVE-2020-1726