podman-1.6.4-29.el7
エラータID: AXSA:2021-1611:02
リリース日:
2021/03/24 Wednesday - 06:38
題名:
podman-1.6.4-29.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- podmanには、特権付きコンテナの中で非rootユーザー向けの
ファイルのパーミッションが正しくチェックされないため、少ない特権を持つ
ユーザーがコンテナの中の他のファイルへのアクセスのために悪用することが
可能な脆弱性があります。(CVE-2021-20188)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-20188
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
追加情報:
N/A
ダウンロード:
SRPMS
- podman-1.6.4-29.el7.src.rpm
MD5: ced98154518af376cd9f42a580a72afe
SHA-256: 2fcf97ebc43a60ab9e9da9cbadc6f31ebc3d54e1a5a5ba0d5d8b0409a3080475
Size: 9.07 MB
Asianux Server 7 for x86_64
- podman-1.6.4-29.el7.x86_64.rpm
MD5: 7e62e3bfde86517aa594229d6f01b63f
SHA-256: 9edf8b9ec2afad535e491e2981c99bec2824be0c998d108811830e3e55e7a839
Size: 12.85 MB - podman-docker-1.6.4-29.el7.noarch.rpm
MD5: 57731d0920d95461f7720f0ac37f6a17
SHA-256: 9f54cf6560af610a125b1a577ba792a2d2d45270626bcc34cbab841d669a3e3f
Size: 30.57 kB
English