Date: Thu, 13 Oct 2016 09:33:21 -0400 (EDT)
From: CAI Qian <caiqian@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: cve request: systemd-machined: information exposure for docker
 containers
----- Original Message -----
> From: cve-assign@...re.org
> To: caiqian@...hat.com
> Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
> Sent: Tuesday, July 26, 2016 3:24:13 PM
> Subject: Re: cve request: systemd-machined: information exposure for docker containers
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> > Once docker containers register themselves to systemd-machined
> > via oci-register-machine, any unprivileged user could run
> > machinectl to list every single container running on the host,
> > even if the containers do not belong to this user (including containers
> > belonging to the root user), and access sensitive information associated
> > with any individual container, including its internal IP address, OS
> > version, running processes, and the file path of its rootfs.
> > 
> > $ machinectl status cc8d10c7b9892b75843d200d54d34a3a
> > cc8d10c7b9892b75843d200d54d34a3a(63633864313063376239383932623735)
> >            Since: Mon 2016-07-25 17:55:36 UTC; 34s ago
> >           Leader: 43494 (sleep)
> >          Service: docker; class container
> >             Root:
> >             /var/mnt/overlay/overlay/0429684e3da515ae4f11b8514c7b20f759613
> >          Address: 172.17.0.2
> >                   fe80::42:acff:fe11:2
> >               OS: Red Hat Enterprise Linux Server 7.2 (Maipo)
> >             Unit:
> >             docker-cc8d10c7b9892b75843d200d54d34a3a9435fe0f65527c254ebfd2d
> >                   43494 sleep 3000
> 
> Use CVE-2016-6349.
It turns out this CVE is against oci-register-machine NOT systemd. The fix is here,

https://github.com/projectatomic/oci-register-machine/pull/22

   CAI Qian
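The enumeration step described in the quoted report, as an added example that is not part of this thread, of systemd, or of oci-register-machine: a POSIX shell helper that parses the text `machinectl status <machine>` prints and counts the fields the report treats as sensitive (Leader PID, Root path, Address, OS), plus an `audit_live` routine (a name chosen here) that runs the same check against every machine `machinectl list` shows to the calling user. The sample status text is constructed after the thread's output; the machine name, PID, path and unit name are placeholders.

```shell
#!/bin/sh
# Added example, not code from the thread, systemd or oci-register-machine.
# Parses `machinectl status` output and reports the fields the report
# lists as sensitive. Run audit_live as an unprivileged user: whatever it
# prints is readable without privilege on that host.

# Constructed sample modelled on the thread's output (placeholder values).
# Real machinectl output keeps Root on one line; the thread's copy wrapped
# it onto the next line, and the parser accepts both layouts.
SAMPLE_STATUS='cc8d10c7b9892b75843d200d54d34a3a(63633864313063376239383932623735)
           Since: Mon 2016-07-25 17:55:36 UTC; 34s ago
          Leader: 43494 (sleep)
         Service: docker; class container
            Root: /var/lib/containers/example-rootfs
         Address: 172.17.0.2
                  fe80::42:acff:fe11:2
              OS: Red Hat Enterprise Linux Server 7.2 (Maipo)
            Unit: docker-example.scope
                  43494 sleep 3000'

# leaked_fields: read status text on stdin and print one "Key=value" line
# per sensitive value. Continuation lines (an extra address, or a Root path
# that wrapped onto the following line) are attached to the previous key.
leaked_fields() {
    awk '
        /^[[:space:]]*[A-Z][A-Za-z]*:([[:space:]]|$)/ {
            line = $0; sub(/^[[:space:]]*/, "", line)
            key = substr(line, 1, index(line, ":") - 1)
            val = substr(line, index(line, ":") + 1); sub(/^[[:space:]]*/, "", val)
            last = key
            if (key ~ /^(Leader|Root|Address|OS)$/ && val != "") print key "=" val
            next
        }
        /^[[:space:]]+[^[:space:]]/ && last ~ /^(Address|Root)$/ {
            val = $0; sub(/^[[:space:]]*/, "", val); print last "=" val
        }
    '
}

# exposure_count: number of sensitive values in the status text on stdin.
exposure_count() {
    leaked_fields | wc -l | tr -d ' '
}

# audit_live: enumerate every machine systemd-machined lists to the calling
# user and count what `machinectl status` reveals about each. Returns 0 if
# nothing sensitive is readable, 1 otherwise, 2 if machinectl is missing.
audit_live() {
    command -v machinectl >/dev/null 2>&1 || { echo "machinectl not found" >&2; return 2; }
    total=0
    for m in $(machinectl list --no-legend 2>/dev/null | awk '{ print $1 }'); do
        n=$(machinectl status --no-pager "$m" 2>/dev/null | exposure_count)
        echo "$m: $n sensitive field(s) readable as uid $(id -u)"
        total=$((total + n))
    done
    [ "$total" -eq 0 ]
}

# Stand-alone run: show what the parser extracts from the constructed sample.
printf '%s\n' "$SAMPLE_STATUS" | leaked_fields
```

Source the script and call `audit_live` as an ordinary user; a non-zero count for a container that user does not own is the condition the report describes. Whether a given host is affected depends on the installed oci-register-machine and systemd versions, which the thread only addresses through the linked pull request.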
