Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23648

containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.

Published

2022-03-03T14:15:07.973

Last Modified

2024-11-21T06:49:00.957

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	linuxfoundation	containerd	< 1.4.13	Yes
Application	linuxfoundation	containerd	< 1.5.10	Yes
Application	linuxfoundation	containerd	< 1.6.1	Yes
Operating System	debian	debian_linux	11.0	Yes
Operating System	fedoraproject	fedora	34	Yes
Operating System	fedoraproject	fedora	35	Yes
Operating System	fedoraproject	fedora	36	Yes

References

http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html Exploit, Third Party Advisory, VDB Entry ([email protected])
https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70 Patch, Third Party Advisory ([email protected])
https://github.com/containerd/containerd/releases/tag/v1.4.13 Patch, Release Notes, Third Party Advisory ([email protected])
https://github.com/containerd/containerd/releases/tag/v1.5.10 Patch, Release Notes, Third Party Advisory ([email protected])
https://github.com/containerd/containerd/releases/tag/v1.6.1 Patch, Release Notes, Third Party Advisory ([email protected])
https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7 Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/ ([email protected])
https://security.gentoo.org/glsa/202401-31 ([email protected])
https://www.debian.org/security/2022/dsa-5091 Mailing List, Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/containerd/containerd/releases/tag/v1.4.13 Patch, Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/containerd/containerd/releases/tag/v1.5.10 Patch, Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/containerd/containerd/releases/tag/v1.6.1 Patch, Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/ (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202401-31 (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5091 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)