VYPR
Moderate severityNVD Advisory· Published Feb 2, 2021· Updated Aug 3, 2024

privilege escalation in Moby

CVE-2021-21284

Description

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/moby/mobyGo
< 19.3.1519.3.15
github.com/moby/mobyGo
>= 20.10.0-beta1, < 20.10.320.10.3

Affected products

120

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.