9.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-39159

GHSA ID

GHSA-9jjr-qqfp-ppwx

EPSS Score

0.78965%

CWE

CWE-78

Published

8/30/2021

Updated

9/13/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-39159

CVE-2021-39159:
remote code execution via git repo provider

Impact

A remote code execution vulnerability has been identified in BinderHub, where providing BinderHub with maliciously crafted input could execute code in the BinderHub context, with the potential to egress credentials of the BinderHub deployment, including JupyterHub API tokens, kubernetes service accounts, and docker registry credentials. This may provide the ability to manipulate images and other user created pods in the deployment, with the potential to escalate to the host depending on the underlying kubernetes configuration.

Patches

Patch below, or on GitHub

From 9f4043d9dddc1174920e687773f27b7933f48ab6 Mon Sep 17 00:00:00 2001
From: Riccardo Castellotti <rcastell@cern.ch>
Date: Thu, 19 Aug 2021 15:49:43 +0200
Subject: [PATCH] Explicitly separate git-ls-remote options from positional
 arguments

---
 binderhub/repoproviders.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/binderhub/repoproviders.py b/binderhub/repoproviders.py
index f33347b..5d4b87c 100755
--- a/binderhub/repoproviders.py
+++ b/binderhub/repoproviders.py
@@ -484,7 +484,7 @@ class GitRepoProvider(RepoProvider):
             self.sha1_validate(self.unresolved_ref)
         except ValueError:
             # The ref is a head/tag and we resolve it using `git ls-remote`
-            command = ["git", "ls-remote", self.repo, self.unresolved_ref]
+            command = ["git", "ls-remote", "--", self.repo, self.unresolved_ref]
             result = subprocess.run(command, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
             if result.returncode:
                 raise RuntimeError("Unable to run git ls-remote to get the `resolved_ref`: {}".format(result.stderr))
-- 
2.25.1

Workarounds

Disable the git repo provider by specifying the BinderHub.repo_providers config, e.g.:

from binderhub.repoproviders import (GitHubRepoProvider,
                            GitLabRepoProvider, GistRepoProvider,
                            ZenodoProvider, FigshareProvider, HydroshareProvider,
                            DataverseProvider)

c.BinderHub.repo_providers =  {
            'gh': GitHubRepoProvider,
            'gist': GistRepoProvider,
            'gl': GitLabRepoProvider,
            'zenodo': ZenodoProvider,
            'figshare': FigshareProvider,
            'hydroshare': HydroshareProvider,
            'dataverse': DataverseProvider,
        }

References

Credit: Jose Carlos Luna Duran (CERN) and Riccardo Castellotti (CERN).

For more information

If you have any questions or comments about this advisory:

Email us at security@ipython.org

(GitHub Advisory)

9.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-39159

GHSA ID

GHSA-9jjr-qqfp-ppwx

EPSS Score

0.78965%

CWE

CWE-78

Published

8/30/2021

Updated

9/13/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
binderhub	pip	< 0.2.0	0.2.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper argument handling in the git ls-remote command construction. The original code lacked the '--' separator between options and positional arguments, allowing user-controlled input to be interpreted as command options. The patched version adds '--' to mitigate this. The function get_resolved_ref in GitRepoProvider is directly responsible for this insecure command construction, making it the clear vulnerable entry point. The confidence is high as the patch explicitly addresses this specific code location with a well-known command injection prevention technique.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * r*mot* *o** *x**ution vuln*r**ility **s ***n i**nti*i** in *in**r*u*, w**r* provi*in* *in**r*u* wit* m*li*iously *r**t** input *oul* *x**ut* *o** in t** *in**r*u* *ont*xt, wit* t** pot*nti*l to **r*ss *r***nti*ls o* t** *in**r*u* **ploy

Reasoning

T** vuln*r**ility st*ms *rom improp*r *r*um*nt **n*lin* in t** *it ls-r*mot* *omm*n* *onstru*tion. T** ori*in*l *o** l**k** t** '--' s*p*r*tor **tw**n options *n* position*l *r*um*nts, *llowin* us*r-*ontroll** input to ** int*rpr*t** *s *omm*n* optio

9.7

Basic Information

Concerned about an active attack path?

CVE-2021-39159: remote code execution via git repo provider

Impact

Patches

Workarounds

References

For more information

9.7

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2021-39159:
remote code execution via git repo provider

Vulnerability Intelligence
Miggo AI