Vulnerability Report

CVE-2021-41103

Title: Containerd Insufficiently Restricted Permissions EoP

Privilege Escalation

Proof Of Concept

No public PoC currently indexed for CVE-2021-41103.

CWE Category CWE-22

Published Date Oct 04, 2021

Modified Date Nov 21, 2024

Exploit Status Not Found

Score 7.8 CVSS v3.1

Exploit Probability (EPSS)

0.25%

Vulnerability Summary

CVE-2021-41103: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.

Impacted Vendors

linuxfoundation 1

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8 https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ https://security.gentoo.org/glsa/202401-31 https://www.debian.org/security/2021/dsa-5002 https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8 https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ https://security.gentoo.org/glsa/202401-31 https://www.debian.org/security/2021/dsa-5002

CVSS v3.1

Source Entity [email protected]

Severity HIGH

7.8

Attack Vector

LOCAL

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v3.0

Source Entity [email protected]

Severity MEDIUM

5.9

Attack Vector

LOCAL

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.2

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:L/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2021-41103 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

November 21, 2024 MODIFIED

Vulnerability data or affected products updated.

October 04, 2021 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector LOCAL

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.