CVE-2019-18837

An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
trellixCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
crun_projectcrun
𝑥
< 0.10.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
crun
bullseye
0.17+dfsg-1+deb11u2
fixed
bookworm
1.8.1-1+deb12u1
fixed
sid
1.18.2-1
fixed
trixie
1.18.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
crun
eoan
dne
disco
dne
bionic
dne
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://github.com/containers/crun/pull/173
https://github.com/containers/crun/releases/tag/0.10.5
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTA5SJUAKQUK6HRY2CZVJUIZP5BO3EOG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITB2UNEGHXZUR3ATYHWPSK5LJB36N7AP/
https://github.com/containers/crun/pull/173
https://github.com/containers/crun/releases/tag/0.10.5
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTA5SJUAKQUK6HRY2CZVJUIZP5BO3EOG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITB2UNEGHXZUR3ATYHWPSK5LJB36N7AP/