You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm.
Impact
When combined with an attack of
JUJU_CONTEXT_ID
, any user on the local system with access to the default network namespace may connect to the@/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket
and perform actions that are normally reserved to a juju charm.Patches
Patch: juju/juju@2f2ec12
Patched in:
Workarounds
No workarounds available.
References
GHSA-mh98-763h-m9v4
https://github.com/juju/juju/blob/725800953aaa29dbeda4f806097bf838e61644dd/worker/uniter/paths.go#L222
References