Vulnerability Name:

CVE-2019-10152 (CCN-164445)

Assigned: 2019-05-28
Published: 2019-05-28
Updated: 2020-09-30
Summary: A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
CVSS v3 Severity: 7.2 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N)
6.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): None
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 2.6 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-59
CWE-22
Vulnerability Consequences: Obtain Information
References:

Source: MITRE
Type: CNA
CVE-2019-10152

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:2044

Source: CCN
Type: Red Hat Bugzilla - Bug 1715667
CVE-2019-10152 podman: Improper symlink resolution allows access to host files when executing `podman cp` on running containers

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152

Source: XF
Type: UNKNOWN
podman-cve201910152-dir-traversal(164445)

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140

Source: CCN
Type: libpod GIT Repository
Podman cp dereferences symlinks in host context #3211

Source: CONFIRM
Type: Third Party Advisory
https://github.com/containers/libpod/issues/3211

Source: CONFIRM
Type: Third Party Advisory
https://github.com/containers/libpod/pull/3214

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-10152

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:libpod_project:libpod:*:*:*:*:*:*:*:* (Version < 1.4.0)

Configuration 2:
  • cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:podman_project:podman:1.3.2:*:*:*:*:*:*:*

* Denotes that component is vulnerable
    libpod_project libpod *
    opensuse leap 15.1
    podman_project podman 1.3.2