CVE-2019-1002101 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-1002101 Interim 1 28 2023-02-10T01:19:24Z current 2021-05-30T14:34:39Z 2023-02-10T01:19:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-1002101 The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Magnum Orchestration 7 SUSE Container as a Service Platform 2.0 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 12 openSUSE Tumbleweed k3s-1.21.3+k3s1-1.2 kubernetes kubernetes-client k3s-1.21.3+k3s1-1.2 as a component of openSUSE Tumbleweed kubernetes as a component of Magnum Orchestration 7 kubernetes as a component of SUSE Container as a Service Platform 2.0 kubernetes-client as a component of SUSE Linux Enterprise Module for Public Cloud 12 kubernetes as a component of SUSE Linux Enterprise Module for Public Cloud 12 The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. CVE-2019-1002101 openSUSE Tumbleweed:k3s-1.21.3+k3s1-1.2 Magnum Orchestration 7:kubernetes SUSE Container as a Service Platform 2.0:kubernetes SUSE Linux Enterprise Module for Public Cloud 12:kubernetes SUSE Linux Enterprise Module for Public Cloud 12:kubernetes-client moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N