CVE-2021-20206
Description
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A path traversal vulnerability in containernetworking/cni before 0.8.1 allows attackers to execute arbitrary binaries by injecting '../' sequences in the network configuration 'type' field.
Vulnerability
Overview
The vulnerability is an improper limitation of path name in the containernetworking/cni library (versions before 0.8.1). When loading a network plugin, the 'type' field in the network configuration is used to specify the plugin binary. The library fails to sanitize path separators such as "../", allowing an attacker to reference binaries outside the intended plugin directory [1][2][3].
Exploitation
An attacker who can modify the network configuration (e.g., a privileged user or via a compromised container) can set the 'type' field to a path like "../../usr/bin/reboot". The CNI library will then execute that binary as a plugin. While adding network definitions is typically a privileged operation, the library's use in various Go binaries means the risk extends to any application that loads network configurations [4].
Impact
Successful exploitation allows execution of arbitrary existing binaries on the system, leading to potential compromise of confidentiality, integrity, and availability. For example, executing 'reboot' could cause denial of service [2][3].
Mitigation
The vulnerability is fixed in version 0.8.1. Users should upgrade to that version or later. Red Hat has acknowledged the issue and created tracking bugs for affected packages [4].
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
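The following Go sketch is an added example, not code from containernetworking/cni or from its 0.8.1 patch. It shows how a `type` value containing "../" leaves the plugin directory when joined naively, and one way a caller can reject such values before resolving a binary. The function names, the `/opt/cni/bin` directory and the sample configurations are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// netConf holds the one network-configuration field this check cares about.
type netConf struct {
	Type string `json:"type"`
}

// naiveResolve shows the flawed pattern: the untrusted value is joined as-is.
func naiveResolve(pluginDir, pluginType string) string {
	return filepath.Join(pluginDir, pluginType)
}

// safeResolve accepts only a bare file name, then re-checks that the
// resolved path is a direct child of the plugin directory.
func safeResolve(pluginDir, pluginType string) (string, error) {
	if pluginType == "" || strings.ContainsAny(pluginType, "/\\\x00") {
		return "", fmt.Errorf("invalid plugin type %q", pluginType)
	}
	full := filepath.Join(pluginDir, pluginType)
	if filepath.Dir(full) != filepath.Clean(pluginDir) {
		return "", fmt.Errorf("plugin type %q escapes %s", pluginType, pluginDir)
	}
	return full, nil
}

// checkConf parses a network configuration and resolves its plugin safely.
func checkConf(pluginDir string, raw []byte) (string, error) {
	var c netConf
	if err := json.Unmarshal(raw, &c); err != nil {
		return "", err
	}
	return safeResolve(pluginDir, c.Type)
}

func main() {
	// Constructed sample configurations; /opt/cni/bin is an assumed plugin directory.
	for _, raw := range []string{`{"type":"bridge"}`, `{"type":"../../usr/bin/reboot"}`} {
		p, err := checkConf("/opt/cni/bin", []byte(raw))
		fmt.Printf("%s -> %q, err=%v\n", raw, p, err)
	}
}
```

The containment check after the join is deliberate: it also rejects values such as `.` and `..`, which contain no separator but do not name a file inside the plugin directory.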
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/containernetworking/cni (Go) | < 0.8.1 | 0.8.1 |
Affected products
- containernetworking/cni, range: < 0.8.1
Patches
No patches discovered yet.
References
- github.com/advisories/GHSA-xjqr-g762-pxwp (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2021-20206 (ghsa, ADVISORY)
- bugzilla.redhat.com/show_bug.cgi (ghsa, x_refsource_MISC, WEB)
- github.com/containernetworking/cni/pull/808 (ghsa, WEB)
- pkg.go.dev/vuln/GO-2022-0230 (ghsa, WEB)
- snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERNETWORKINGCNIPKGINVOKE-1070549 (ghsa, x_refsource_MISC, WEB)