CVE-2021-20199: Infoleak
First published: Fri Jan 01 2021(Updated: )
A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts) which impact containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. The highest threat from this vulnerability is to data integrity.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| go/github.com/containers/podman/v3 | <3.0.0 | 3.0.0 |
| redhat/podman | <3.0 | 3.0 |
| redhat/podman | <2:4.2.0-3.el9 | 2:4.2.0-3.el9 |
| Podman Project Podman | >=1.8.0<3.0.0 |
Remedy
Configure containerized applications to require authentication for connections from all sources, including localhost.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2021-20199
- https://github.com/containers/podman/issues/5138
- https://github.com/containers/podman/pull/9052
- https://github.com/containers/podman/pull/9225
- https://github.com/rootless-containers/rootlesskit/pull/206
- https://bugzilla.redhat.com/show_bug.cgi?id=1919050
- https://github.com/containers/podman/releases/tag/v3.0.0-rc3
- https://github.com/advisories/GHSA-grh6-q6m2-rh72 (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1922865
- https://access.redhat.com/security/cve/cve-2021-20199
- https://access.redhat.com/errata/RHSA-2021:1796
- https://access.redhat.com/errata/RHSA-2022:7954
- https://www.cve.org/CVERecord?id=CVE-2021-20199 https://nvd.nist.gov/vuln/detail/CVE-2021-20199
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-20199.
What is the severity of CVE-2021-20199?
The severity of CVE-2021-20199 is medium with a CVSS score of 5.9.
How does CVE-2021-20199 impact rootless containers running with Podman?
CVE-2021-20199 impacts rootless containers running with Podman by causing them to receive all traffic with a source IP address of 127.0.0.1, including from remote hosts.
Which containerized applications are affected by CVE-2021-20199?
Containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication are affected by CVE-2021-20199.
How can I fix CVE-2021-20199?
To fix CVE-2021-20199, you should update your Podman package to version 2.4.2-3.el9 or later.
- collector/github-advisory-latest
- alias/GHSA-grh6-q6m2-rh72
- alias/CVE-2021-20199
- collector/github-advisory
- collector/redhat-cve
- collector/nvd-index
- collector/nvd-cve
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/severity
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- package-manager/go
- package-manager/redhat
- vendor/podman project
- canonical/podman project podman
- version/podman project podman/1.8.0