#VU61797 Incorrect default permissions in buildah - CVE-2022-27651

Cybersecurity Help s.r.o.

Published: 2022-04-01

Vulnerability identifier: #VU61797

Vulnerability risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-27651

CWE-ID: CWE-276

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
buildah
Client/Desktop applications / Software for system administration

Vendor: Container Projects

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A remote attacker can view contents of files and directories or modify them.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

buildah: 1.24.0 - 1.24.2

External links
https://github.com/containers/buildah/releases/tag/v1.25.0
https://github.com/containers/buildah/releases/tag/v1.24.3

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for buildah

Red Hat Enterprise Linux 8.4 Extended Update Support update for the container-tools:3.0 module

Red Hat Enterprise Linux 8.2 update for the container-tools:2.0 module

Anolis OS update for container-tools:3.0 module

Anolis OS update for container-tools:2.0 module

Red Hat Enterprise Linux 8 update for the container-tools:2.0 module

Red Hat Enterprise Linux 8 update for the container-tools:3.0 module

SUSE update for buildah

Red Hat Enterprise Linux 8.4 update for the container-tools:2.0 module