VDB

GCVE-110-CLOUD-2022-0015

GCVE-110-CLOUD-2022-0015
Advisory Published
Vulnetix · Advisory published September 1, 2022
Azure Synapse Analytics is an analytics service for processing data using various runtimes, among them Apache Spark. Synapse provided users the capability to mount Azure File Shares to their Apache Spark Pools via a script called filesharemount.sh that would execute with elevated privileges. This script would mount the File Share to the /synfs directory. There was a race condition in the script where, if successfully exploited, a user could execute the chown command to change the ownership of any directory—including the one containing the filesharemount.sh itself. This enabled a user to execute additional code with root privileges. On its own, the impact of this vulnerability was limited to the user’s own Spark pool, and did not permit cross-tenant access. Following disclosure, Microsoft disabled the ability to mount Azure File Shares to Spark pools, and recommended mounting Data Lake Storage Gen2 or Azure Blob Storage instead.

Affected Products

VendorProductVersionsPlatforms
AzureSynapse Analytics
AzureSynapse
AzureStorage

References

advisory
advisory

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›