Skip to content

CVE-2018-1002101: smb mount security issue #65750

New issue
New issue
Closed
#65751
Closed
CVE-2018-1002101: smb mount security issue#65750
#65751
Assignees
andyzhangx
Labels
area/securitykind/bugCategorizes issue or PR as related to a bug.official-cve-feedIssues or PRs related to CVEs officially announced by Security Response Committee (SRC)sig/storageCategorizes an issue or PR as relevant to SIG Storage.sig/windowsCategorizes an issue or PR as relevant to SIG Windows.
@andyzhangx

Description

@andyzhangx
andyzhangx
opened on Jul 3, 2018

This issue is tracked under CVE-2018-1002101

Is this a BUG REPORT or FEATURE REQUEST?:
/kind bug

Uncomment only one, leave it on its own line:

/kind bug
/kind feature

What happened:
user PowerShell Environment Variables to store user input string to prevent command line injection, the env var in PowerShell would be taken as literal values and not as executable vulnerable code, this kind of fix is common for command line injection issue (called: parameterized way)

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know?:

Environment:

  • Kubernetes version (use kubectl version):
  • Cloud provider or hardware configuration:
  • OS (e.g. from /etc/os-release):
  • Kernel (e.g. uname -a):
  • Install tools:
  • Others:

/sig windows
/sig storage
/assign

Metadata

Metadata

Assignees

Labels

area/securitykind/bugCategorizes issue or PR as related to a bug.official-cve-feedIssues or PRs related to CVEs officially announced by Security Response Committee (SRC)sig/storageCategorizes an issue or PR as relevant to SIG Storage.sig/windowsCategorizes an issue or PR as relevant to SIG Windows.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions