REDHAT-BUG-2339405: Path Traversal
First published: Wed Jan 22 2025(Updated: )
The UnMountPodLogs and LinkContainerLogs functions in CRI-O do not properly validate the emptyDirVolName parameter, making them vulnerable to a path traversal attack. An attacker can exploit this to unmount arbitrary paths on the host system, potentially causing denial of service or compromising system integrity.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CRI-O |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2339405?
The severity of REDHAT-BUG-2339405 is classified as a high vulnerability due to its potential for path traversal attacks.
How do I fix REDHAT-BUG-2339405?
To fix REDHAT-BUG-2339405, ensure you validate the emptyDirVolName parameter in the UnMountPodLogs and LinkContainerLogs functions to prevent path traversal.
What are the potential impacts of REDHAT-BUG-2339405?
The potential impacts of REDHAT-BUG-2339405 include denial of service and the ability to unmount arbitrary paths on the host system.
Which software is affected by REDHAT-BUG-2339405?
The software affected by REDHAT-BUG-2339405 is CRI-O.
Who can exploit REDHAT-BUG-2339405?
An attacker with access to the CRI-O environment can exploit REDHAT-BUG-2339405 due to the improper validation of the emptyDirVolName parameter.
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/source
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-0750
- vendor/cri-o
- canonical/cri-o