SB2020031126 - Multiple vulnerabilities in OpenShift Container Platform

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020031126

SB2020031126 - Multiple vulnerabilities in OpenShift Container Platform

Published: March 11, 2020 Updated: January 25, 2023

Security Bulletin ID SB2020031126
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 20% Low 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-1726)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.T


2) Use-after-free (CVE-ID: CVE-2020-8945)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error, as demonstrated by use for container image pulls by Docker or CRI-O. A remote attacker can crash the target system, or cause potential code execution for Go applications that use this library under certain conditions during GPG signature verification.


3) Incorrect default permissions (CVE-ID: CVE-2019-19355)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions for "/etc/passwd" file after modification in the "openshift/ocp-release-operator-sdk". A local user with access to the system can modify the file and escalate privileges on the system.


4) Resource exhaustion (CVE-ID: CVE-2019-16865)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect resource management issue when processing invalid images in Pillow. A remote attacker can trigger resource exhaustion with a specially crafted image file and perform a denial of service (DoS) attack.


5) Buffer overflow (CVE-ID: CVE-2020-5312)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the "libImaging/PcxDecode.c" file due to a boundary error when processing PCX image. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References