exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2022-29162

Status Candidate

Overview

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.

Related Files

Ubuntu Security Notice USN-6088-2
Posted May 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6088-2 - USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. Felix Wilhelm discovered that runC incorrecly handled netlink messages. An attacker could possibly use this issue to escalate privileges.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-19921, CVE-2021-43784, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642
SHA-256 | 228e4e8430141c4a888658c04e39158326161025cc9773182744d3522bc81a9d
Download | Favorite | View
Red Hat Security Advisory 2022-8090-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8090-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-29162
SHA-256 | ebee58a0a0eb4b2cf465cb8a4325fa5974ab0a63610d838738ce312acb65668c
Download | Favorite | View
Red Hat Security Advisory 2022-7457-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7457-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage and memory exhaustion vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-36221, CVE-2021-41190, CVE-2022-1708, CVE-2022-27191, CVE-2022-29162, CVE-2022-2990
SHA-256 | 72c93ef5fad8294ebe3afa3b48f3853ab0bb3fb7dd60c2174498a5cadd63ae36
Download | Favorite | View
Red Hat Security Advisory 2022-7469-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7469-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1708, CVE-2022-27191, CVE-2022-29162
SHA-256 | e6a17dcd0f6d748520404bfaf18470bd2497aa1b2b9102c241c9bab13ebee020
Download | Favorite | View
Red Hat Security Advisory 2022-5068-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5068-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1706, CVE-2022-21698, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-24921, CVE-2022-27191, CVE-2022-28327, CVE-2022-29162
SHA-256 | 30e00d08c07434f6fc92069d48ab3c33166cfe75f5097f3b4aae5ca92fe1476e
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close