A vulnerability classified as critical was found in podman 1.6.0. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a file access vulnerability. The CWE definition for the vulnerability is CWE-552. The product makes files or directories accessible to unauthorized actors, even though they should not be. As an impact it is known to affect integrity, and availability. The summary by CVE is:

A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.

The weakness was released 02/11/2020 as not defined bug report (Bugzilla). It is possible to read the advisory at bugzilla.redhat.com. This vulnerability is known as CVE-2020-1726 since 11/27/2019. The exploitation appears to be difficult. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1083 according to MITRE ATT&CK.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Name

• podman

Version

• 1.6.0

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion