Date: Thu, 13 Oct 2016 09:33:21 -0400 (EDT) From: CAI Qian <caiqian@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: cve request: systemd-machined: information exposure for docker containers ----- Original Message ----- > From: cve-assign@...re.org > To: caiqian@...hat.com > Cc: cve-assign@...re.org, oss-security@...ts.openwall.com > Sent: Tuesday, July 26, 2016 3:24:13 PM > Subject: Re: cve request: systemd-machined: information exposure for docker containers > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > Once docker containers register themselves to systemd-machined > > by oci-register-machine. Any unprivileged user could run > > machinectl to list every single containers running in the host > > even if the containers do not belong to this user (including containers > > belong to the root user), and access sensitive information associated > > with any individual container including its internal IP address, OS > > version, running processes, and file path for its rootfs. > > > > $ machinectl status cc8d10c7b9892b75843d200d54d34a3a > > cc8d10c7b9892b75843d200d54d34a3a(63633864313063376239383932623735) > > Since: Mon 2016-07-25 17:55:36 UTC; 34s ago > > Leader: 43494 (sleep) > > Service: docker; class container > > Root: > > /var/mnt/overlay/overlay/0429684e3da515ae4f11b8514c7b20f759613 > > Address: 172.17.0.2 > > fe80::42:acff:fe11:2 > > OS: Red Hat Enterprise Linux Server 7.2 (Maipo) > > Unit: > > docker-cc8d10c7b9892b75843d200d54d34a3a9435fe0f65527c254ebfd2d > > 43494 sleep 3000 > > Use CVE-2016-6349. It turns out this CVE is against oci-register-machine NOT systemd. The fix is here, https://github.com/projectatomic/oci-register-machine/pull/22 CAI Qian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.