Platform
go
Component
github.com/containers/podman
Fixed in
1.4.1
1.4.0
CVE-2019-10152 is a path traversal vulnerability in Podman, a daemonless container engine. Before the fix, podman cp resolved symlinks found inside a container's root filesystem against the host rather than against the container, so an attacker who already controls a container can plant a symlink that makes the next copy read or write an arbitrary file on the host. Podman versions before 1.4.0 are affected; upgrading is the fix and should not be delayed.
Exploitation needs two things: the attacker must already have compromised a container (or supplied a malicious image), and an administrator must then run podman cp to copy a file out of or into that container. When that happens the copy follows the planted symlink, so the attacker can read sensitive host files (credentials, keys, configuration) or overwrite host files, which can be escalated to code execution on the host, for example by replacing a script or unit file that the host later runs. The copy runs with the privileges of whoever invoked podman: with rootful Podman that is root, so the blast radius is the whole host; rootless Podman limits the damage to what that user could already read and write. This matters most in multi-tenant environments and on hosts running critical workloads, where a container is relied on as an isolation boundary.
CVE-2019-10152 was disclosed in 2019, with the fix shipping in Podman 1.4.0. Its severity is rated HIGH (CVSS 7.2). No active campaigns targeting it are known, but the attack is simple (plant a symlink, wait for an administrator to run podman cp) and a public proof of concept is available, so treat exposure as real. It is not listed in the CISA KEV catalog as of this writing.
Organizations that use Podman for development, test, or production are at risk, in particular where administrators or automation routinely run podman cp against containers built from third-party images or exposed to untrusted input. Shared hosts and multi-tenant setups are the worst case, because a compromise of one tenant's container can reach host files belonging to others. Legacy, unpatched Podman installations are at heightened risk.
• go / container: Confirm the installed version; anything before 1.4.0 is affected.
podman --version
• linux / server: Before copying out of a container you do not trust, mount its root filesystem (rootless Podman needs podman unshare for this) and list symlinks whose targets are absolute or climb with "..": those are exactly what a vulnerable podman cp follows onto the host. find does not follow the links, so this inspection is safe on an unpatched version.
mnt=$(podman mount <container>); find "$mnt" -type l \( -lname '/*' -o -lname '*../*' \) -printf '%p -> %l\n'; podman umount <container>
• generic: Audit automation (CI jobs, cron, deployment scripts) for podman cp invocations against containers built from third-party images; each one is a point where a planted symlink is followed with the caller's privileges. There is no HTTP endpoint involved: the vulnerable operation is the podman cp command itself.
grep -rn 'podman cp' <scripts-dir>
Exploit status
EPSS
0.36% (58th percentile)
CVSS vector
The primary mitigation for CVE-2019-10152 is to upgrade Podman to version 1.4.0 or later, which includes the fix. If an immediate upgrade is not feasible because of compatibility or downtime constraints, reduce exposure rather than the vulnerability: stop running podman cp against containers you do not fully trust, prefer rootless Podman so the copy runs without root privileges, and keep container images to known-good, verified sources. These measures narrow the attacker's options but do not remove the flaw. After upgrading, confirm the version with podman --version; for a functional check, create a symlink inside a throwaway container (for example ln -s /etc/passwd /probe) and copy it out with podman cp: a fixed Podman yields the container's own /etc/passwd, never the host's.
Upgrade Podman to version 1.4.0 or later. That release fixes the path traversal in the handling of symlinks inside containers, so a compromised container can no longer make podman cp read or write arbitrary files on the host.
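The defect behind this advisory is a lexical path join: the container-side path is appended to the container's root filesystem and the kernel then follows whatever symlink sits there, relative to the host. As an added example (not code from the Podman project), the Go program below builds a throwaway rootfs with two hostile symlinks, one absolute and one climbing with "..", and compares the vulnerable join with a standard-library re-implementation of the secure-join technique the fix adopted, in which every symlink is resolved relative to the container root. The directory layout, file names and contents are constructed for the demo; Demo, probe, Outcome and the join functions are this example's own names.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// naiveJoin is the pre-1.4.0 behaviour: a lexical join; the kernel later follows
// any symlink in the result relative to the HOST filesystem.
func naiveJoin(rootfs, unsafePath string) string { return filepath.Join(rootfs, unsafePath) }

// secureJoin resolves unsafePath inside rootfs: every symlink is expanded relative
// to rootfs and ".." never climbs above it. Stdlib-only sketch; rootfs must be
// an absolute path that contains no symlinks itself.
func secureJoin(rootfs, unsafePath string) (string, error) {
	resolved, remaining, links := "/", unsafePath, 0
	for remaining != "" {
		part, rest, _ := strings.Cut(remaining, "/")
		remaining = rest
		switch part {
		case "", ".":
			continue
		case "..":
			resolved = filepath.Dir(resolved) // Dir("/") == "/": cannot climb out
			continue
		}
		candidate := filepath.Join(resolved, part)
		fi, err := os.Lstat(filepath.Join(rootfs, candidate))
		switch {
		case err != nil && !errors.Is(err, os.ErrNotExist):
			return "", err
		case err == nil && fi.Mode()&os.ModeSymlink != 0:
			if links++; links > 255 { // bound expansion so a link loop cannot spin
				return "", fmt.Errorf("too many symlinks in %q", unsafePath)
			}
			target, err := os.Readlink(filepath.Join(rootfs, candidate))
			if err != nil {
				return "", err
			}
			if filepath.IsAbs(target) {
				resolved = "/" // re-root at the CONTAINER root, never the host's
			} // a relative target stays anchored at the link's parent directory
			remaining = target + "/" + remaining
		default:
			resolved = candidate // plain entry, or nothing there to follow
		}
	}
	return filepath.Join(rootfs, resolved), nil
}

// Outcome is what an administrator's "copy out of the container" would have done.
type Outcome struct {
	Escaped bool   // the join's final target lies outside rootfs
	Content string // bytes read there, "" when nothing readable exists
}

func probe(rootfs, hostPath string) Outcome {
	real, err := filepath.EvalSymlinks(hostPath)
	if err != nil {
		real = hostPath // nothing exists to follow; judge the path lexically
	}
	o := Outcome{Escaped: !strings.HasPrefix(real, rootfs+"/")}
	if b, err := os.ReadFile(real); err == nil {
		o.Content = string(b)
	}
	return o
}

// Demo builds a throwaway rootfs (constructed data, not a real container) holding
// two hostile symlinks and reports each join's outcome, keyed by container path.
func Demo() (naive, secure map[string]Outcome, err error) {
	base, err := os.MkdirTemp("", "cve-2019-10152-")
	if err != nil {
		return nil, nil, err
	}
	defer os.RemoveAll(base)
	if b, e := filepath.EvalSymlinks(base); e == nil { // /tmp may itself be a symlink
		base = b
	}
	rootfs, hostSecret := base+"/rootfs", base+"/host/secret.txt" // the host file at risk
	files := map[string]string{hostSecret: "HOST-SECRET", rootfs + "/etc/passwd": "CONTAINER-PASSWD", rootfs + "/dir/.keep": ""}
	for p, c := range files {
		if err = os.MkdirAll(filepath.Dir(p), 0o755); err == nil {
			err = os.WriteFile(p, []byte(c), 0o644)
		}
		if err != nil {
			return nil, nil, err
		}
	}
	// Links an attacker inside the container could plant: absolute, and relative via "..".
	for link, target := range map[string]string{rootfs + "/leak": hostSecret, rootfs + "/dir/escape": "../../host/secret.txt"} {
		if err = os.Symlink(target, link); err != nil {
			return nil, nil, err
		}
	}
	naive, secure = map[string]Outcome{}, map[string]Outcome{}
	for _, p := range []string{"/leak", "/dir/escape", "/etc/passwd"} {
		sp, err := secureJoin(rootfs, p)
		if err != nil {
			return nil, nil, err
		}
		naive[p], secure[p] = probe(rootfs, naiveJoin(rootfs, p)), probe(rootfs, sp)
	}
	return naive, secure, nil
}

func main() { n, s, err := Demo(); fmt.Printf("vulnerable: %+v\nhardened: %+v\nerr: %v\n", n, s, err) }
```

For both planted links the vulnerable join lands on the host file and reads HOST-SECRET, while the hardened join lands on a path under the rootfs that does not exist and reads nothing; the legitimate /etc/passwd path behaves identically under both. The symlink budget in secureJoin is the caveat a real implementation must keep: without it an attacker can make the resolver loop forever with a pair of links pointing at each other.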
CVE-2019-10152 is a path traversal vulnerability in Podman: a symlink planted inside a compromised container is followed onto the host when an administrator runs podman cp, allowing arbitrary host files to be read or written. It affects versions prior to 1.4.0.
You are affected if you are running Podman versions prior to 1.4.0. Check the installed version and upgrade immediately if necessary.
Upgrade Podman to version 1.4.0 or later to address the vulnerability. Until then, avoid running podman cp against untrusted containers and prefer rootless Podman as a temporary mitigation.
No active campaigns targeting this vulnerability have been confirmed, but the attack is simple and a public proof of concept is available, which increases the risk of exploitation.
Refer to the Podman project's official website and security advisories for the latest information and updates regarding CVE-2019-10152.