Last week, Michael Hanselmann published details of a remote code execution vulnerability (CVE-2018-8115) that impacts Docker for Windows. As he described it: “Docker for Windows uses the Windows Host Compute Service Shim published and maintained by Microsoft. Its use of Go's “filepath.Join” function with unsanitized input allowed to create, remove and replace files in the host file system, leading to remote code execution…”
Michael has disclosed this to Microsoft (who maintain the shim), and they have issued a fix (hcsshim 0.6.10). Docker has also updated its Enterprise (latest patch releases of Docker EE 17.06) and Community editions (Docker CE 18.03.1 and Docker CE 17.05.0-rc1). So if you are running those versions, you’re protected against this CVE, and if not you should update your versions as soon as you can.
Today, Michael published a POC with the details. The essence of the vulnerability is that in the “image pull” process, files from a malicious image can be extracted into any directory on the host file system. This happens as part of the image ‘unpacking’ process, where the code that process tar archive, joins the destination directory with the file path specified in an archive.
The vulnerability is that this file path is not sanitized - a file in the image can include directory traversal (e.x. ../../../), links etc. the destination file can be written to arbitrary location on victim’s host.
As to exploiting, a simple “docker pull” of specially crafted malicious image will do the trick. I want to emphasize this - one cannot ‘docker pull’ an image and then check whether it safe, it’s too late! By then, the proverbial Jack is out of the box.
To help the community stay safe, we at Aqua created an open-source tool that tests images as to whether they are clear of this vulnerability. You should use this if you have older versions and can’t, for some reason, upgrade them right now.
To do so, it downloads an image from a registry, without extracting it, and checks the tar archives for bad paths, links etc.
The project is available on GitHub: https://github.com/aquasecurity/scan-cve-2018-8115
This is what the output looks like:
[~] Fetching evil/image metadata... [+] Checking layer bce2fbc256ea [==================================================] 100% [+] Checking layer cb1aafb71473 [==================================================] 100% [+] Checking layer 782ba98a8cac [==================================================] 100% Found 5 malicious files Layer: 782ba98a8cac, File: ../../../../../../../../fromimage.txt Layer: 782ba98a8cac, File: Files\../../../../../../../../Users/All Users/Application Data/Start Menu/Programs/StartUp/evil.bat Layer: 782ba98a8cac, File: Files\../../../../../../../../Users/All Users/Application Data/Start Menu/Programs/StartUp/Files\script.bat Layer: 782ba98a8cac, File: Files\../../../../../../../Resume.txt Layer: 782ba98a8cac, File: Files\../../../../../../../Files\text.txt === IMAGE IS NOT SAFE! ===
Beyond the specific vulnerability, it’s an interesting concept that exploits the unpacking of images, something many users and tools do without giving it a second thought — including, ironically, vulnerability scanners!
Something we will continue to investigate in order to prevent it in the future.
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads, wherever they are deployed.
Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions and cloud VMs.