Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 812440 (CVE-2021-21996, CVE-2021-31607) - <app-admin/salt-3003.3: multiple vulnerabilities (CVE-2021-{21996,31607})
Summary: <app-admin/salt-3003.3: multiple vulnerabilities (CVE-2021-{21996,31607})
Status: CONFIRMED
Alias: CVE-2021-21996, CVE-2021-31607
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://saltproject.io/security_annou...
Whiteboard: B1 [stable]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-10 11:48 UTC by John Helmert III
Modified: 2021-09-10 11:49 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-09-10 11:48:49 UTC
CVE-2021-21996:

An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.

CVE-2021-31607:

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).
Comment 1 John Helmert III gentoo-dev Security 2021-09-10 11:49:20 UTC
Please stabilize 3003.3.