Medium: docker

Issue Overview: Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

Medium: docker

Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...

Important: runc

Issue Overview: The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentialit...

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for t...

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

Important: docker

Issue Overview: A flaw was discovered in the API endpoint behind the 'docker cp' command. The endpoint is vulnerable to a Time Of Check to Time Of Use TOCTOU vulnerability in the way it handles symbolic links inside a container. An attacker who has compromised an existing container can cause...

Medium: docker

Issue Overview: The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness. CVE-2018-10892 Affected...

Medium: docker

Issue Overview: A flaw was found in moby. Moby buildkit calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call. CVE-2020-27534 Affected Packages: docker Note: This advisory is applicable to Amazon Linux 2 -...

Medium: containerd

Issue Overview: A flaw was found in containerd. Access controls for the shim's API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network...

Medium: docker

Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...

Medium: docker

Issue Overview: Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemonunix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. CVE-2018-20699 A command injectio...

Important: runc

Issue Overview: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. CVE-2019-16884 A flaw was...

Important: docker

Issue Overview: A flaw was discovered in the API endpoint behind the 'docker cp' command. The endpoint is vulnerable to a Time Of Check to Time Of Use TOCTOU vulnerability in the way it handles symbolic links inside a container. An attacker who has compromised an existing container can cause...

Medium: containerd

Issue Overview: A flaw was found in containerd. Access controls for the shim's API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network...

Medium: docker

Issue Overview: The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness. CVE-2018-10892 Affected...

Medium: docker

Issue Overview: Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

Important: runc

Issue Overview: The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentialit...

Medium: containerd, docker

Issue Overview: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 and versions of...

Medium: containerd, docker

Issue Overview: In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 and versions of...

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ secti...

Medium: docker

Issue Overview: Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemonunix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. CVE-2018-20699 A command injectio...

Medium: containerd

Issue Overview: A flaw was found in containerd CRI plugin. Containers launched through containerd's CRI implementation that share the same image may receive incorrect environment variables, including values that are defined for other containers. The highest threat from this vulnerability is to da...

Medium: containerd

Issue Overview: A flaw was found in containerd CRI plugin. Containers launched through containerd's CRI implementation that share the same image may receive incorrect environment variables, including values that are defined for other containers. The highest threat from this vulnerability is to da...

Important: runc

Issue Overview: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. CVE-2019-16884 A flaw was...

Important: tomcat8

Issue Overview: Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly...

Medium: curl

Issue Overview: A flaw was found in curl. This flaw lies in the --ssl-reqd option or related settings in libcurl. Users specify this flag to upgrade to TLS when communicating with either IMAP, POP3 or a FTP server. An attacker controlling such servers could return a crafted response which could...

Important: kernel-livepatch-5.10.62-55.141

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-5.10.62-55.141 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-5.10.62-55.141 or yum update --advisory ALAS2LIVEPATCH-2021-068 to update your system. New...

Important: kernel-livepatch-5.10.59-52.142

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-5.10.59-52.142 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-5.10.59-52.142 or yum update --advisory ALAS2LIVEPATCH-2021-067 to update your system. New...

Important: kernel-livepatch-5.10.50-44.132

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-5.10.50-44.132 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-5.10.50-44.132 or yum update --advisory ALAS2LIVEPATCH-2021-066 to update your system. New...

Important: kernel-livepatch-5.10.50-44.131

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-5.10.50-44.131 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-5.10.50-44.131 or yum update --advisory ALAS2LIVEPATCH-2021-065 to update your system. New...

Important: java-11-amazon-corretto

Issue Overview: There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the...

Medium: c-ares

Issue Overview: A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and...

Medium: openssl

Issue Overview: It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the applicatio...

Medium: mysql57

Issue Overview: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

Low: hivex

Issue Overview: A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system...

Important: thunderbird

Issue Overview: Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Important: tomcat8

Issue Overview: A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once the WebSocket connection is closed. If a sufficient number of such requests are made, an OutOfMemoryError occurs, leading to a denial of service. The...

Important: httpd24

Issue Overview: A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. CVE-2021-33193 A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threa...

Important: httpd

Issue Overview: A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. CVE-2021-33193 A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threa...

Important: libsndfile

Issue Overview: A heap buffer overflow flaw was found in libsndfile. This flaw allows an attacker to execute arbitrary code via a crafted WAV file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-3246 Affected Packages:...

Medium: openssl11

Issue Overview: It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the applicatio...

Medium: glib2

Issue Overview: An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 232, causing unintended length truncation. CVE-2021-27218 Affected Packages: glib2...

Important: sssd

Issue Overview: A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access...

Medium: kernel

Issue Overview: A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-40490 Affected Packages: kernel Note: This advisory is applicab...

Medium: openssl

Issue Overview: It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the applicatio...

Important: sssd

Issue Overview: A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. When reusing a socket with an attached dccpshctxccid as a listener, the socket will be used after being released leading to denial of service DoS or a potential code execution. The highest threat from this vulnerability is to data...

Medium: golang

Issue Overview: A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability. CVE-2021-36221 Affected Packages: golang Issue...

Medium: containerd

Issue Overview: A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended...