CVE-2020-1726

A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libpod_project:libpod:1.6.0:-:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:openshift_container_platform:4.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

History

12 Feb 2023, 23:40

Type Values Removed Values Added
Summary A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume. A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2020:1650', 'name': 'https://access.redhat.com/errata/RHSA-2020:1650', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2020-1726', 'name': 'https://access.redhat.com/security/cve/CVE-2020-1726', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1801152', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1801152', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 21:20

Type Values Removed Values Added
References
  • (MISC) https://access.redhat.com/errata/RHSA-2020:1650 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2020-1726 -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1801152 -
Summary A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0. A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.

Information

Published : 2020-02-11 20:15

Updated : 2023-12-10 13:13


NVD link : CVE-2020-1726

Mitre link : CVE-2020-1726

CVE.ORG link : CVE-2020-1726


JSON object : View

Products Affected

redhat

  • enterprise_linux
  • openshift_container_platform

libpod_project

  • libpod
CWE
CWE-552

Files or Directories Accessible to External Parties