Security researchers from Cisco revealed that Alpine Linux Docker images distributed via the official Docker Hub portal since December 2015 have been using a NULL password for the root account,
The NULL password for the root account was included in the Official Alpine Linux Docker images since v3.3. The bug received a CVSS score of 9.8, it affects Alpine Docker versions 3.3 to 3.9, including Alpine Docker Edge.
“Versions of the Official Alpine Linux Docker images (since v3
The NULL passoword is present in the /etc/shadow file of the affected builds of the Alpine Docker Image.
“In builds of the Alpine Docker Image (>=3.3) the /etc/shadow file contains a blank field in place of the encrypted password (sp_pwdp in the context of the spwd struct returned by getspent.” continues Talos.
$ for i in seq 1 9; do echo -n "date - Alpine Docker 3.$i - "; docker run -it alpine:3.$i head -n 1 /etc/shadow ; done"
Talos reported the flaw to Alpine Linux in February, experts explained that
Anyway, the good news is that the root account should be explicitly disabled in Docker images that are based on the vulnerable versions.
“The likelihood of exploitation of this vulnerability is environment-dependent, as successful exploitation requires that an exposed service or application utilise Linux PAM, or some other mechanism which uses the system shadow file as an authentication database,” Talos concludes.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.