CVE-2017-14388

Name of the Vulnerable Software and Affected Versions Cloud Foundry Foundation GrootFS versions prior to 0.30.0

Description The issue allows specially crafted images to poison the grootfs volume cache due to a lack of validation of DiffIDs. This could enable an attacker to provide an image layer that would be considered as the Ubuntu base layer by GrootFS.

Recommendations For versions prior to 0.30.0, update to version 0.30.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of specially crafted images to minimize the risk of exploitation.