Bug 1921154 (CVE-2020-27534)
| Summary: | CVE-2020-27534 moby/buildkit: calls os.OpenFile with a potentially unsafe qemu-check temporary pathname | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Michael Kaplan <mkaplan> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | aos-bugs, bbennett, bdettelb, bmontgom, eparis, jburrell, jokerman, kmullins, maszulik, mcooper, mfojtik, nstielau, sponnaga, sttts, tomckay, xxia |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | moby/buildkit v0.8.0 | Doc Type: | If docs needed, set a value |
| Doc Text: | A flaw was found in moby. Moby buildkit calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call. | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2021-01-29 08:41:39 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 1921156 | | |
Description
Michael Kaplan
2021-01-27 15:44:05 UTC

External References:
https://github.com/moby/buildkit/pull/1462
https://github.com/moby/moby/pull/40877

Originally I thought this might apply to Linux, fixing the check function, but not so. This vulnerability only relates to the Windows environment. Windows doesn't support binfmt and the check command, but the library assumes it's there and attempts to execute it.

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27534