// For flags

CVE-2021-20291

containers/storage: DoS via malicious image

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

Se encontró una vulnerabilidad de interbloqueo en "github.com/containers/storage" en versiones anteriores a 1.28.1. Cuando se procesa una imagen de contenedor, cada capa se desempaqueta usando un "tar". Si una de esas capas no es un archivo "tar" válido, se produce un error que conlleva a una situación inesperada en la que el código espera indefinidamente el flujo desempaquetado de tar, que nunca termina. Un atacante podría utilizar esta vulnerabilidad para crear una imagen maliciosa, que cuando una aplicación la descarga y almacena mediante contenedores y almacenamiento, provocaría un punto muerto que conduciría a una Denegación de Servicio (DoS).

A deadlock vulnerability was found in `github.com/containers/storage`. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-12-17 CVE Reserved
  • 2021-04-01 CVE Published
  • 2023-12-16 EPSS Updated
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-667: Improper Locking
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Storage Project
Search vendor "Storage Project"
 Storage
Search vendor "Storage Project" for product "Storage"
 < 1.28.1
Search vendor "Storage Project" for product "Storage" and version " < 1.28.1"
-
Affected
Redhat
Search vendor "Redhat"
 Openshift Container Platform
Search vendor "Redhat" for product "Openshift Container Platform"
 4.0
Search vendor "Redhat" for product "Openshift Container Platform" and version "4.0"
-
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 33
Search vendor "Fedoraproject" for product "Fedora" and version "33"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 34
Search vendor "Fedoraproject" for product "Fedora" and version "34"
-
Affected