Main Vulnerability Database SB2021072188

SB2021072188 - Anolis OS update for container-tools:2.0 (Anolis OS 8.4) module

Published: July 21, 2021 Updated: March 28, 2025

Security Bulletin ID SB2021072188

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features bypass (CVE-ID: CVE-2021-30465)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the security features bypass issue. A remote authenticated attacker on the local network can perform a symlink exchange attack and host filesystem being bind-mounted into the container.

Remediation

Install update from vendor's website.

References

https://anas.openanolis.cn/errata/detail/ANSA-2021:0045

Vulnerable Software

Anolis OS: 8
podman-docker: before 1.6.4-26
container-selinux: before 2.130.0-1
cockpit-podman: before 11-1
skopeo-tests: before 0.1.41-4
skopeo: before 0.1.41-4
podman-tests: before 1.6.4-26
podman-remote: before 1.6.4-26
podman: before 1.6.4-26
fuse-overlayfs: before 0.7.8-1
containers-common: before 0.1.41-4
conmon: before 2.0.15-1
buildah-tests: before 1.11.6-8
buildah: before 1.11.6-8
udica: before 0.2.1-2
toolbox: before 0.0.7-1
python-podman-api: before 1.2.0-0.2.gitd0a45fe
slirp4netns: before 0.4.2-3.git21fdece
runc: before 1.0.0-65.rc10
python3-criu: before 3.12-9
criu: before 3.12-9
crit: before 3.12-9
containernetworking-plugins: before 0.8.3-4