CVE-2021-30465

Aliases:GHSA-c3xm-pvg7-gh7rGO-2022-0914
Advisory lineage Upstream: 0 Downstream: 26
Modified
Published: 27 May 2021, 00:00
Last modified:03 Aug 2024, 22:32

Vulnerability Summary

Overall Risk (default)
medium
34/100
CVSS Score
8.5 HIGH
v3.1 (nvd)
EPSS Score
1.47% LOW
1% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

27 May 2021, 00:00
Published
Vulnerability first disclosed
03 Aug 2024, 22:32
Last Modified
Vulnerability information updated

Description

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

CVSS Metrics

  • v3.1HIGHScore: 8.5CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  • v3.1HIGHScore: 7.6CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
  • v2.0MEDIUMScore: 6AV:N/AC:M/Au:S/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 1.47% Percentile: 81%

Techniques & Countermeasures

  • CWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

    The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Systems

  • fedoraprojectfedora

    33 | 34

  • github.com/opencontainersrunc

    < 1.0.0-rc95

  • linuxfoundationrunc

    ≤ 0.1.1 | 1.0.0:rc1 | 1.0.0:rc10 | 1.0.0:rc2 | 1.0.0:rc3 | 1.0.0:rc4 | 1.0.0:rc5 | 1.0.0:rc6 | 1.0.0:rc7 | 1.0.0:rc8 | 1.0.0:rc9 | 1.0.0:rc90 | 1.0.0:rc91 | 1.0.0:rc92 | 1.0.0:rc93 | 1.0.0:rc94

References (14)