Vulnerability CVE-2024-21626 has been identified in runc, the toolkit for launching isolated containers that is used by Docker and Kubernetes. It allows access to the host environment's file system from inside an isolated container. During an attack, the attacker can overwrite certain executable files in the host environment and thereby achieve execution of their code outside the container. The issue does not occur in the crun and youki runtimes, nor in LXC. The vulnerability is fixed in runc 1.1.12.
When Docker or Kubernetes tooling is used, the attack can be carried out by preparing a specially crafted container image; once that image is installed and started, the external file system becomes accessible from inside the container. With Docker, exploitation is also possible through a specially crafted Dockerfile. The vulnerability can additionally be exploited when a process is started in a container with the "runc exec" command with its working directory bound to the host namespace.
The vulnerability is caused by a leak of internal file descriptors. Before running code inside the container, runc closes all file descriptors using the O_CLOEXEC flag. However, after the setcwd() function has been executed, the file descriptor referring to the working directory remains open and stays accessible after the container has started. Several attack scenarios against the host environment that use this leftover file descriptor have been described.
For example, an attacker can set the process.cwd parameter in the container image to point to "/proc/self/fd/7/", which binds the container's pid 1 process to a working directory located in the host namespace. Accordingly, the container image can be built to launch "/proc/self/fd/7/../../../bin/bash" and, by running a shell script, overwrite the contents of "/proc/self/exe", which points to the host copy of /bin/bash.
Another attack variant lets an attacker confined inside a container gain access to a host directory when a process is started in that container via the "runc exec" command with the "--cwd" option. The attacker can replace the path of the started process with a symbolic link pointing to "/proc/self/fd/7/" and then access "/proc/$exec_pid/cwd" to reach the host-side file system. The attacker can also overwrite executables on the host side by arranging for an executable from the host environment ("/proc/self/fd/7/../../../bin/bash") to be launched and then writing to the "/proc/$pid/exe" file that refers to the launched binary.
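The two indicators the article describes (a working directory or launch path that resolves through the leaked /proc fd entry, and an unpatched runc) can be checked before an image or Dockerfile is admitted to a build or deployment pipeline. The following Python script is an added example for that purpose; it is not code from the original article or from the runc project. It assumes an OCI runtime config.json laid out as the runtime spec defines it (a "process" object with "cwd" and "args"), a Dockerfile where WORKDIR becomes process.cwd, and `runc --version` output whose first line reads "runc version X.Y.Z". The sample config, Dockerfile and version string are constructed for illustration.

```python
"""Defensive checks for the CVE-2024-21626 (runc leaked working-directory fd) pattern.

Added example, not code from the article or from runc. Flags:
  * an OCI runtime config.json whose process.cwd or process.args[0] resolves
    through /proc/self/fd/N, /proc/thread-self/fd/N or /proc/<pid>/fd/N;
  * a Dockerfile whose WORKDIR does the same (WORKDIR ends up as process.cwd);
  * a runc version older than the fixed release 1.1.12 named in the article.
"""
import json
import re

FIXED_RUNC = (1, 1, 12)  # release that fixes CVE-2024-21626, per the article

# /proc/self/fd/7, /proc/thread-self/fd/7, /proc/1234/fd/7, optionally followed by more path.
_PROC_FD_RE = re.compile(r"^/proc/(self|thread-self|\d+)/fd/\d+(/|$)")


def is_suspicious_cwd(path: str) -> bool:
    """True if a working directory or launch path refers to an entry in a /proc fd table."""
    if not path:
        return False
    # Collapse repeated slashes but keep '..' so "/proc/self/fd/7/../../.." still matches.
    norm = re.sub(r"/+", "/", path.strip())
    return bool(_PROC_FD_RE.match(norm))


def parse_runc_version(text: str) -> tuple:
    """Extract (major, minor, patch) from `runc --version` output (assumed format)."""
    m = re.search(r"runc version (\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no runc version found in input")
    return tuple(int(x) for x in m.groups())


def runc_is_vulnerable(version_text: str) -> bool:
    """Anything older than 1.1.12 is affected according to the article."""
    return parse_runc_version(version_text) < FIXED_RUNC


def check_oci_config(config_json: str) -> list:
    """Return human-readable findings for an OCI runtime spec config.json string."""
    findings = []
    process = json.loads(config_json).get("process", {})
    cwd = process.get("cwd", "")
    if is_suspicious_cwd(cwd):
        findings.append(f"process.cwd resolves through a /proc fd table: {cwd}")
    args = process.get("args", [])
    if args and is_suspicious_cwd(args[0]):
        findings.append(f"process.args[0] resolves through a /proc fd table: {args[0]}")
    return findings


def check_dockerfile(text: str) -> list:
    """Return findings for WORKDIR directives that point into a /proc fd table."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = re.match(r"\s*WORKDIR\s+(.+?)\s*$", line, re.IGNORECASE)
        if m and is_suspicious_cwd(m.group(1)):
            findings.append(f"line {lineno}: WORKDIR {m.group(1)}")
    return findings


# Constructed sample inputs mirroring the pattern the article describes.
SAMPLE_CONFIG = json.dumps({
    "ociVersion": "1.0.2",
    "process": {"cwd": "/proc/self/fd/7/",
                "args": ["/proc/self/fd/7/../../../bin/bash"]},
})
SAMPLE_DOCKERFILE = 'FROM alpine\nWORKDIR /proc/self/fd/7/\nCMD ["sh"]\n'
SAMPLE_VERSION = "runc version 1.1.11\n"  # constructed; older than the fixed 1.1.12

if __name__ == "__main__":
    for f in check_oci_config(SAMPLE_CONFIG) + check_dockerfile(SAMPLE_DOCKERFILE):
        print("FINDING:", f)
    print("runc vulnerable:", runc_is_vulnerable(SAMPLE_VERSION))
```

The cwd check deliberately keeps `..` components intact rather than normalising them away, because the path the article quotes only escapes the container when the fd prefix is followed by an upward traversal; a normaliser that collapsed it first would miss the indicator. On a patched runc (1.1.12 or later) the leaked descriptor is closed, so the version check is the primary control and the config and Dockerfile checks are defence in depth for images that are still admitted from untrusted sources.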
Additionally, five more vulnerabilities have been identified in components of the Docker toolkit:
- CVE-2024-23651 - A race condition in BuildKit, the package Docker uses to turn source code into build artifacts, caused by the use of the same shared mount point with a cache ("--mount=type=cache,source=") in parallel build stages; it allows files in the host environment to be accessed from the build container when a specially crafted Dockerfile is built. Fixed in BuildKit 0.12.5.
- CVE-2024-23652 - A bug in the removal of the empty files created for a mount point when the "--mount" option is used allows a file outside the container to be deleted while a specially crafted Dockerfile is built. Fixed in BuildKit 0.12.5.
- CVE-2024-23653 - An API misuse bug in BuildKit allows a container to be run with elevated privileges regardless of the security.insecure setting. Fixed in BuildKit 0.12.5.
- CVE-2024-23650 - A malicious BuildKit client or frontend can crash the BuildKit daemon process. Fixed in BuildKit 0.12.5.
- CVE-2024-24557 - A cache poisoning vulnerability in Moby, the component for building isolated containers. While a specially crafted image is built, data can be stored in the cache that may be reused in subsequent build stages. Fixed in Moby 25.0.2 and 24.0.9.
Source: opennet.ru
