6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H
0.001 Low
EPSS
Percentile
33.3%
A vulnerability in Google Cloud Platform’s guest-oslogin versions between
20190304 and 20200507 allows a user that is only granted the role
“roles/compute.osLogin” to escalate privileges to root. Using the
membership to the “lxd” group, an attacker can attach host devices and
filesystems. Within an lxc container, it is possible to attach the host OS
filesystem and modify /etc/sudoers to then gain administrative privileges.
All images created after 2020-May-07 (20200507) are fixed, and if you
cannot update, we recommend you edit /etc/group/security.conf and remove
the “lxd” user from the OS Login entry.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | gce-compute-image-packages | < 20190801-0ubuntu1~18.04.1 | UNKNOWN |
ubuntu | 19.10 | noarch | gce-compute-image-packages | < 20190801-0ubuntu1.1 | UNKNOWN |
ubuntu | 20.04 | noarch | gce-compute-image-packages | < 20190801-0ubuntu4.1 | UNKNOWN |
ubuntu | 20.10 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 21.04 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 21.10 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 22.04 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 22.10 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 23.04 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
ubuntu | 23.10 | noarch | gce-compute-image-packages | < 20190801-0ubuntu5 | UNKNOWN |
cloud.google.com/support/bulletins/#gcp-2020-008
github.com/GoogleCloudPlatform/guest-oslogin/pull/29
gitlab.com/gitlab-com/gl-security/gl-redteam/red-team-tech-notes/-/tree/master/oslogin-privesc-june-2020
launchpad.net/bugs/cve/CVE-2020-8933
nvd.nist.gov/vuln/detail/CVE-2020-8933
security-tracker.debian.org/tracker/CVE-2020-8933
www.cve.org/CVERecord?id=CVE-2020-8933
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H
0.001 Low
EPSS
Percentile
33.3%