Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2020-1726: CVE-2020-1726 podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Red Hat: CVE-2020-1726: CVE-2020-1726 podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created (Multiple Advisories)

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:P)

Published

02/11/2020

Created

05/01/2020

Added

04/29/2020

Modified

12/15/2023

Description

A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.

Solution(s)

redhat-upgrade-buildah
redhat-upgrade-buildah-debuginfo
redhat-upgrade-buildah-debugsource
redhat-upgrade-buildah-tests
redhat-upgrade-buildah-tests-debuginfo
redhat-upgrade-cockpit-podman
redhat-upgrade-conmon
redhat-upgrade-container-selinux
redhat-upgrade-containernetworking-plugins
redhat-upgrade-containernetworking-plugins-debuginfo
redhat-upgrade-containernetworking-plugins-debugsource
redhat-upgrade-containers-common
redhat-upgrade-crit
redhat-upgrade-criu
redhat-upgrade-criu-debuginfo
redhat-upgrade-criu-debugsource
redhat-upgrade-fuse-overlayfs
redhat-upgrade-fuse-overlayfs-debuginfo
redhat-upgrade-fuse-overlayfs-debugsource
redhat-upgrade-podman
redhat-upgrade-podman-debuginfo
redhat-upgrade-podman-debugsource
redhat-upgrade-podman-docker
redhat-upgrade-podman-remote
redhat-upgrade-podman-remote-debuginfo
redhat-upgrade-podman-tests
redhat-upgrade-python-podman-api
redhat-upgrade-python3-criu
redhat-upgrade-runc
redhat-upgrade-runc-debuginfo
redhat-upgrade-runc-debugsource
redhat-upgrade-skopeo
redhat-upgrade-skopeo-debuginfo
redhat-upgrade-skopeo-debugsource
redhat-upgrade-skopeo-tests
redhat-upgrade-slirp4netns
redhat-upgrade-slirp4netns-debuginfo
redhat-upgrade-slirp4netns-debugsource
redhat-upgrade-toolbox
redhat-upgrade-udica

References

CVE-2020-1726
RHSA-2020:0680
RHSA-2020:1650

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2020-1726: CVE-2020-1726 podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created (Multiple Advisories)

Red Hat: CVE-2020-1726: CVE-2020-1726 podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.