Impact
An abstract UNIX domain socket responsible for introspection is available without authentication locally to any user with access to the network namespace where the local juju agent is running.
On a juju controller agent, denial of service can be performed by using the /leases/revoke endpoint. Revoking leases in juju can cause availability issues.
On a juju machine agent that is hosting units, disabling the unit component can be performed using the /units endpoint with a "stop" action.
Patches
Patch: 43f0fc5
Patched in:
- 3.5.4
- 3.4.6
- 3.3.7
- 3.1.10
- 2.9.51
Workarounds
No workaround.
References
|
path := "@" + config.SocketName |
hpidcock Finder
Impact
An abstract UNIX domain socket responsible for introspection is available without authentication locally to any user with access to the network namespace where the local juju agent is running.
On a juju controller agent, denial of service can be performed by using the
/leases/revokeendpoint. Revoking leases in juju can cause availability issues.On a juju machine agent that is hosting units, disabling the unit component can be performed using the
/unitsendpoint with a "stop" action.Patches
Patch: 43f0fc5
Patched in:
Workarounds
No workaround.
References
juju/worker/introspection/worker.go
Line 125 in 7258009