SUSE update for cni

1) Improper Protection of Alternate Path

EUVDB-ID: #VU55590

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-20206

CWE-ID: CWE-424 - Improper Protection of Alternate Path

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the affected system.

the vulnerability exists due to improper input validation. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows a remote user to execute other existing binaries other than the cni plugins/types, such as 'reboot'.

Mitigation

Update the affected package cni to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Module for Public Cloud: 15-SP4

SUSE Linux Enterprise Server for SAP Applications: 15

SUSE Linux Enterprise High Performance Computing: 15

SUSE Linux Enterprise Server: 15-SP2

cni: before 0.7.1-150000.1.7.1

CPE2.3

• cpe:2.3:o:suse:suse_linux_enterprise_module_for_public_cloud:15-SP4:*:*:*:*:*:*:*
• cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications:15:*:*:*:*:*:*:*
• cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing:15:*:*:*:*:*:*:*
• cpe:2.3:o:suse:suse_linux_enterprise_server:15-SP2:*:*:*:*:*:*:*
• cpe:2.3:a:suse:cni:*:*:*:*:*:suse_linux:*:*

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20224150-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.