'[oss-security] CVE-2021-3762 quay/claircore: directory traversal when scanning crafted container ima'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2021-3762 quay/claircore: directory traversal when scanning crafted container ima
From:       Przemyslaw Roguski <proguski () redhat ! com>
Date:       2021-09-29 18:20:22
Message-ID: CAGGkMiuFnMtwuUOeP7zdtf0dryKk0JLHfnHAk0uCzioKWeWKfw () mail ! gmail ! com
[Download RAW message or body]

Hello,

A directory traversal vulnerability was found in the ClairCore engine of
Clair.
An attacker can exploit this by supplying a crafted container image which,
when scanned by Clair, allows for arbitrary file write on the filesystem,
potentially allowing for remote code execution.

Red Hat has assigned CVE-2021-3762 to this vulnerability.
These issues have been rated Critical, with a CVSS:
9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

### Affected Versions
ClairCore 0.4.6 release and higher (Clair v4.1.4 and higher)
ClairCore 0.5.3 release and higher (Clair v4.2.1 and higher)

### Fixed Versions
ClairCore v0.4.8 (shipped in Clair v4.1.6)
ClairCore v0.5.5 (shipped in Clair v4.2.3)

### Fixes
https://github.com/quay/claircore/pull/478
https://github.com/quay/clair/pull/1379
https://github.com/quay/clair/pull/1380

## Acknowledgements
Yanir Tsarimi
twitter.com/Yanir_
(Orca Security)

Best regards,
Przemyslaw Roguski

--
Przemyslaw Roguski / Red Hat Product Security

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic