SB2022112121 - SUSE update for cni-plugins

Security Bulletin ID SB2022112121

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Insufficient verification of data authenticity (CVE-ID: CVE-2020-10749)

The vulnerability allows a remote attacker to perform a man-in-the-Middle attack.

The vulnerability exists due to insufficient verification of data authenticity in CNI plugins when processing IPV6 router advertisements. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.

2) Improper Protection of Alternate Path (CVE-ID: CVE-2021-20206)

The vulnerability allows a remote user to compromise the affected system.

the vulnerability exists due to improper input validation. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows a remote user to execute other existing binaries other than the cni plugins/types, such as 'reboot'.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2022/suse-su-20224151-1/