Arch Linux Security Advisory ASA-202102-12

Severity: Medium
Date : 2021-02-06
CVE-ID : CVE-2021-21284 CVE-2021-21285
Package : docker
Type : multiple issues
Remote : No
Link : https://security.archlinux.org/AVG-1528

Summary

The package docker before version 1:20.10.3-1 is vulnerable to multiple
issues including denial of service and privilege escalation.

Resolution

Upgrade to 1:20.10.3-1.

pacman -Syu “docker>=1:20.10.3-1”

The problems have been fixed upstream in version 20.10.3.

Workaround

None.

Description

• CVE-2021-21284 (privilege escalation)

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability
involving the --userns-remap option in which access to remapped root
allows privilege escalation to real root. When using “–userns-remap”,
if the root user in the remapped namespace has access to the host
filesystem they can modify files under “/var/lib/docker/<remapping>”
that cause writing files with extended privileges. Versions 20.10.3 and
19.03.15 contain patches that prevent privilege escalation from
remapped user.

• CVE-2021-21285 (denial of service)

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in
which pulling an intentionally malformed Docker image manifest crashes
the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that
prevent the daemon from crashing.

Impact

An attacker could crash the dockerd daemon via a crafted image. An
attacker with root access inside a docker container can escape the
container.

References

https://github.com/moby/moby/security/advisories/GHSA-7452-xqpj-6rpc
https://github.com/moby/moby/commit/edb62a3ace8c4303822a391b38231e577f8c2ee8
https://github.com/moby/moby/commit/bfedd2725971303efb7a2fe5d6990317b381622f
https://github.com/moby/moby/commit/e908cc39018c015084ffbffbc5703ccba5c2fbb7
https://github.com/moby/moby/security/advisories/GHSA-6fj5-m822-rqx8
https://github.com/moby/moby/commit/a7d4af84bd2f189b921c3ec60796aa825e3a0f2a
https://security.archlinux.org/CVE-2021-21284
https://security.archlinux.org/CVE-2021-21285