Bug 1143409 (CVE-2019-14271)

Summary: VUL-1: CVE-2019-14271: docker: code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container
Product: [openSUSE] openSUSE Tumbleweed
Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: Security
Assignee: Containers Team <containers-bugowner>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P4 - Low
CC: asarai
Version: Current
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/238236/
Whiteboard:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Alexandros Toptsoglou 2019-07-30 09:55:54 UTC
CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc),
code injection can occur when the nsswitch facility dynamically loads a library
inside a chroot that contains the contents of the container.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14271
http://www.cvedetails.com/cve/CVE-2019-14271/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14271
https://docs.docker.com/engine/release-notes/
https://github.com/moby/moby/issues/39449
Comment 1 Alexandros Toptsoglou 2019-07-30 09:58:06 UTC
Affects only version 19.03.0
Comment 2 Aleksa Sarai 2019-07-31 06:59:41 UTC
I've already submitted the v19.03.1 update to Factory (and it's been merged already) as well as SLE. Since this bug was opened after submission, I'll add the reference for future package updates (since the CVE is referenced in the changelog already).
Comment 3 Swamp Workflow Management 2019-08-13 16:11:29 UTC
SUSE-SU-2019:2117-1: An update that solves four vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1100331,1121967,1138920,1139649,1142160,1142413,1143409
CVE References: CVE-2018-10892,CVE-2019-13509,CVE-2019-14271,CVE-2019-5736
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    containerd-1.2.6-5.16.1, containerd-kubic-1.2.6-5.16.1, docker-19.03.1_ce-6.26.2, docker-kubic-19.03.1_ce-6.26.2, docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1, golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    containerd-1.2.6-5.16.1, docker-19.03.1_ce-6.26.2, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1
SUSE Linux Enterprise Module for Containers 15-SP1 (src):    containerd-1.2.6-5.16.1, docker-19.03.1_ce-6.26.2, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1
SUSE Linux Enterprise Module for Containers 15 (src):    containerd-1.2.6-5.16.1, docker-19.03.1_ce-6.26.2, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 4 Swamp Workflow Management 2019-08-13 16:13:52 UTC
SUSE-SU-2019:2119-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1100331,1121967,1142160,1142413,1143409
CVE References: CVE-2018-10892,CVE-2019-13509,CVE-2019-14271,CVE-2019-5736
Sources used:
SUSE OpenStack Cloud 6-LTSS (src):    containerd-1.2.6-16.23.1, docker-19.03.1_ce-98.46.1, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1
SUSE Linux Enterprise Module for Containers 12 (src):    containerd-1.2.6-16.23.1, docker-19.03.1_ce-98.46.1, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1
SUSE CaaS Platform 3.0 (src):    containerd-kubic-1.2.6-16.23.1, docker-kubic-19.03.1_ce-98.46.1, docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1, golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Swamp Workflow Management 2019-08-29 22:14:24 UTC
openSUSE-SU-2019:2021-1: An update that solves four vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1100331,1121967,1138920,1139649,1142160,1142413,1143409
CVE References: CVE-2018-10892,CVE-2019-13509,CVE-2019-14271,CVE-2019-5736
Sources used:
openSUSE Leap 15.1 (src):    containerd-1.2.6-lp151.2.6.1, docker-19.03.1_ce-lp151.2.12.1, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1
openSUSE Leap 15.0 (src):    containerd-1.2.6-lp150.4.17.1, docker-19.03.1_ce-lp150.5.27.1, docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp150.5.25.1, golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp150.3.18.1
Comment 6 Marcus Meissner 2019-09-04 06:19:13 UTC
released