runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465)
Tags
| attack-pattern: | Model Ssh - T1021.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 59419f7e-47aa-4c92-9f98-0267a6fac482 |
| Fingerprint | a22d49086a4533b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 19, 2021, midnight |
| Added to db | Jan. 18, 2023, 7:33 p.m. |
| Last updated | Nov. 15, 2024, 5:39 p.m. |
| Headline | blog.champtar.fr |
| Title | runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) |
| Detected Hints/Tags/Attributes | 38/1/7 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://blog.champtar.fr/runc-symlink-CVE-2021-30465/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 2 | cve-2021-30465 |
|
| Details | Domain | 1 | donotexists.com |
|
| Details | Domain | 71 | kubernetes.io |
|
| Details | Domain | 5 | k8s.io |
|
| Details | Domain | 2 | opencontainers.org |
|
| Details | 2 | security@opencontainers.org |
||
| Details | Url | 1 | https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append |