Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an “adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine,” Australian

Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system.

The three flaws, all critical in nature, allow an “adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine,” Australian cybersecurity firm Tanto Security said in a reportreport published today.

Judge0 (pronounced “judge zero”) is described by its maintainers as a “robust, scalable, and open-source online code execution system” that can be used to build applications that require online code execution features such as candidate assessment, e-learning, and online code editors and IDEs.

According to its website, the service is used by 23 customers like AlgoDaily, CodeChum, and PYnative, among others. The project has been forked 412 times on GitHub to date.

The flaws, discovered and reported by Daniel Cooper in March 2024, are listed below –

CVE-2024-28185 (CVSS score: 10.0) – The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.
CVE-2024-28189 (CVSS score: 10.0) – A patch bypass for CVE-2024-28185 that stems from the use of the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside of the sandbox.
CVE-2024-29021 (CVSS score: 9.1) – The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server-Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judge0 API to obtain unsandboxed code execution as root on the target machine.

The problem is rooted in a Ruby script named “isolate_job.rb,” which is responsible for setting up the sandbox, as well running the code and storing the results of the execution.

Specifically, it entails creating a symbolic link in the directory before a bash script is set up to execute the program based on the submission language such that it allows writing to an arbitrary file on the unsandboxed system.

A threat actor could leverage this flaw to overwrite scripts on the system and gain code execution outside of the sandbox and on the Docker container running the submission job.

What’s more, the attacker could escalate their privileges outside of the Docker container due to it being run using the privileged flag as specified in docker-compose.yml.

“This will allow the attacker to mount the Linux host filesystem and the attacker can then write files (for example a malicious cron job) to gain access to the system,” Judge0’s Herman Došilović said.

“From this point the attacker will have complete access to the Judge0 system including the database, internal networks, the Judge0 web server, and any other applications running on the Linux host.”

CVE-2024-29021, on the other hand, has to do with a configuration that permits communicating with Judge0’s PostgreSQL database available inside the internal Docker network, thus enabling the adversary to weaponize the SSRF to connect to the database and change the datatype of relevant columns and ultimately gain command injection.

Following responsible disclosure, the shortcomings have been addressed in version 1.13.1 released on April 18, 2024. Users of Judge0 are advised to update to the latest version to mitigate potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

Next Post

China-Linked ‘Muddling Meerkat’ Hijacks DNS to Map Internet on Global Scale

Related Posts

EC to grill Meta on Facebook ‘subscription for no ads’ plan

The European Commission (EC) on Friday said it needs more information from Facebook and Instagram parent company Meta to assess its compliance with applicable privacy and security laws in the European Union (EU).The EC, in a statement, said Meta also needs to speed up its responses to requests in December for information, which centered on election information, terrorism and the protection of minors. The company has until March 15 to provide that information, with the new info about Meta’s pay-to-opt-out-of-tracking program due March 22.To read this article in full, please click here
Read More

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with "conspiring with others to intentionally damage protected computers and to transmit
Read More