Showing 1 - 3 of 3

CVE-2022-23648

Status Candidate

Overview

containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.

Related Files

Ubuntu Security Notice USN-5311-2: Posted May 17, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5311-2 - USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for thisCVE by mistake. This update corrects the problem. It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2022-23648; SHA-256 | bf0c845e991aeba0eca65f4b23d29f729ad0f1896214182e1ae0fa304a019039; Download | Favorite | View

containerd Image Volume Insecure Handling: Posted Mar 24, 2022; Authored by Google Security Research, Felix Wilhelm; containerd suffers from an insecure handling vulnerability related to image volumes.; tags | exploit; advisories | CVE-2022-23648; SHA-256 | b48bfd4366814227d48303e9535b5ccfe89e805d02c9e299e3b73f9fe15bbda5; Download | Favorite | View

Ubuntu Security Notice USN-5311-1: Posted Mar 3, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5311-1 - It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2022-23648; SHA-256 | 5efeeadac5a6cfae3bf4bb56fe44a99d061fa7f74da141e96f22e6b9dcf626d5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 160 files
Ubuntu 45 files
Matthias Deeg 17 files
malvuln 12 files
Google Security Research 5 files
Yvan Genuer 5 files
Steffen Robertz 4 files
T. Weber 3 files
Jeremy Brown 3 files
nu11secur1ty 3 files

File Archives

Systems

AIX (426)
Apple (1,883)
BSD (368)
CentOS (55)
Cisco (1,913)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,152)
HPUX (878)
iOS (318)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,395)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,712)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,860)
UNIX (9,079)
UnixWare (185)
Windows (6,424)
Other

CVE-2022-23648

Overview

Related Files

File Archive:

July 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems