CVE-2011-4356: Celery local privilege escalation vulnerability
(updated )
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the –uid and –gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
References
- github.com/advisories/GHSA-rpc6-h455-3rx5
- github.com/celery/celery
- github.com/celery/celery/blob/master/docs/sec/CELERYSA-0001.txt
- github.com/celery/celery/commit/53514b158b743678d8993638be5920cd09ccc35c
- github.com/celery/celery/commit/73388921731a0e6feb28ab0d389c4f7dc4d524f6
- github.com/celery/celery/commit/e0767e40994754fe8482bf4ff622c5c6d0b9f671
- github.com/celery/celery/pull/544
- github.com/pypa/advisory-database/tree/main/vulns/celery/PYSEC-2011-17.yaml
- nvd.nist.gov/vuln/detail/CVE-2011-4356
- web.archive.org/web/20140722114447/http://secunia.com/advisories/46973
- web.archive.org/web/20200305001706/http://www.securityfocus.com/bid/50825
Code Behaviors & Features
Detect and mitigate CVE-2011-4356 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →