isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | isula-build | * |
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
| securities@openeuler.org | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H | 1.8 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | icr | * |
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| securities@openeuler.org | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | isula | 2.0.8-20210518.144540 |
| openeuler | isula | 2.0.18-10 |
| openeuler | isula | 2.1.2 |
When the isula load command is used to load malicious images, attackers can execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| securities@openeuler.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | isula | 2.0.8-20210518.144540 |
| openeuler | isula | 2.0.18-10 |
| openeuler | isula | 2.1.2 |
When the isula export command is used to export a container to an image and the container is controlled by an attacker, the attacker can escape the container.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| securities@openeuler.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N | 2.0 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | isula | 2.0.8-20210518.144540 |
| openeuler | isula | 2.0.18-10 |
| openeuler | isula | 2.1.2 |
When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| securities@openeuler.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N | 2.0 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | isula | 2.0.8-20210518.144540 |
| openeuler | isula | 2.0.18-10 |
| openeuler | isula | 2.1.2 |
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | byacc | * |
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openeuler | byacc | * |