Bug 1953065 (CVE-2021-31607)
| Summary: | CVE-2021-31607 salt: Command injection in the snapper module | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | amctagga, anharris, bniver, brycel, david-dm.murphy, flucifre, frederic.pierret, gmeno, hvyas, kp, mbenjamin, mhackett, sostapov, vereddy |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | salt 3003 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in Salt. A command injection vulnerability occurs in the snapper module that allows local privilege escalation on a minion. This attack requires the creation of a file with a pathname that is backed up by snapper, with the master calling the snapper.diff function. Snapper.diff executes the popen unsafely. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-04-29 22:46:35 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1953066 | ||
| Bug Blocks: | 1953067 | ||
|
Description
Pedro Sampaio
2021-04-23 19:41:47 UTC
Created salt tracking bugs for this issue: Affects: fedora-all [bug 1953066] This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-31607 |