[USN-5315-1] Ansible vulnerabilities

Several security issues were fixed in Ansible.

It was discovered that Ansible did not properly manage directory
permissions when running playbooks with an unprivileged become user. A
local attacker could possibly use this issue to cause a race condition,
escalate privileges and execute arbitrary code. This issue only affected
Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-1733)

It was discovered that the fix to address CVE-2020-1733 in Ansible was
incomplete on systems using ACLs and FUSE filesystems. A local attacker
could possibly use this issue to cause a race condition, escalate
privileges and execute arbitrary code. This issue only affected
Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-10744)

It was discovered that Ansible did not properly manage multi-line YAML
strings and special template characters. A local attacker could possibly
use this issue to cause a template injection, resulting in the
disclosure of sensitive information or other unspecified impact.
(CVE-2021-3583)

It was discovered that the ansible-connection module in Ansible did
not properly manage certain error messages. A local attacker could
possibly use this issue to expose sensitive information. This issue
only affected Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3620)

Package | Affected Version |
---|---|
pkg:deb/ubuntu/ansible?distro=xenial | < 2.0.0.2-2ubuntu1.3+esm1 |
pkg:deb/ubuntu/ansible?distro=jammy | < 2.10.7+merged+base+2.10.8+dfsg-1ubuntu0.1~esm1 |
pkg:deb/ubuntu/ansible?distro=focal | < 2.9.6+dfsg-1ubuntu0.1~esm1 |
pkg:deb/ubuntu/ansible?distro=bionic | < 2.5.1+dfsg-1ubuntu0.1+esm1 |
pkg:deb/ubuntu/ansible-node-fireball?distro=xenial | < 2.0.0.2-2ubuntu1.3+esm1 |
pkg:deb/ubuntu/ansible-fireball?distro=xenial | < 2.0.0.2-2ubuntu1.3+esm1 |
pkg:deb/ubuntu/ansible-doc?distro=focal | < 2.9.6+dfsg-1ubuntu0.1~esm1 |

- ID: USN-5315-1
- Severity: high
- Severity from: CVE-2021-3583
- URL: https://ubuntu.com/security/notices/USN-5315-1
- Published: 2022-06-07T14:43:08 (2 years ago)
- Modified: 2022-06-07T14:43:08 (2 years ago)
- Other Advisories:
  - ALPINE:CVE-2020-1733
  - DSA-4950-1
  - FEDORA-2020-1b6ce91e37
  - FEDORA-2020-3990f03ba3
  - FEDORA-2020-f80154b5b4
  - FEDORA-2021-0397bb2ccc
  - FEDORA-2021-0e7910e389
  - FEDORA-2021-4ad7c70d71
  - FEDORA-2021-574ee4dd30
  - FEDORA-2021-71ff867094
  - FREEBSD:4C9159EA-D4C9-11EB-AEEE-8C164582FBAC
  - FREEBSD:50EC3A01-AD77-11EB-8528-8C164582FBAC
  - FREEBSD:9A8514F3-2AB8-11EC-B3A1-8C164582FBAC
  - GLSA-202006-11
  - MS:CVE-2020-10744
  - MS:CVE-2021-3583
  - MS:CVE-2021-3620
  - openSUSE-SU-2022:0081-1
  - PYSEC-2020-208
  - PYSEC-2020-5
  - PYSEC-2021-358
  - PYSEC-2022-164
  - SUSE-SU-2020:2911-1
  - SUSE-SU-2020:3309-1
  - SUSE-SU-2021:4152-1
  - SUSE-SU-2022:3178-1
  - SUSE-SU-2024:0196-1
  - SUSE-SU-2024:1509-1

Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/ansible?distro=xenial | ubuntu | ansible | < 2.0.0.2-2ubuntu1.3+esm1 | xenial | | |
Affected | pkg:deb/ubuntu/ansible?distro=jammy | ubuntu | ansible | < 2.10.7+merged+base+2.10.8+dfsg-1ubuntu0.1~esm1 | jammy | | |
Affected | pkg:deb/ubuntu/ansible?distro=focal | ubuntu | ansible | < 2.9.6+dfsg-1ubuntu0.1~esm1 | focal | | |
Affected | pkg:deb/ubuntu/ansible?distro=bionic | ubuntu | ansible | < 2.5.1+dfsg-1ubuntu0.1+esm1 | bionic | | |
Affected | pkg:deb/ubuntu/ansible-node-fireball?distro=xenial | ubuntu | ansible-node-fireball | < 2.0.0.2-2ubuntu1.3+esm1 | xenial | | |
Affected | pkg:deb/ubuntu/ansible-fireball?distro=xenial | ubuntu | ansible-fireball | < 2.0.0.2-2ubuntu1.3+esm1 | xenial | | |
Affected | pkg:deb/ubuntu/ansible-doc?distro=focal | ubuntu | ansible-doc | < 2.9.6+dfsg-1ubuntu0.1~esm1 | focal | | |