exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2023-25173

Status Candidate

Overview

containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.

Related Files

Red Hat Security Advisory 2023-5314-01
Posted Sep 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-21698, CVE-2022-41723, CVE-2022-48281, CVE-2023-1667, CVE-2023-2253, CVE-2023-2283, CVE-2023-24532, CVE-2023-25173, CVE-2023-2602, CVE-2023-2603, CVE-2023-26604, CVE-2023-27536, CVE-2023-28321
SHA-256 | 8cf8572f470b3beefb5a0e9b9113eb0f47bd25024311177330838258f83c2573
Red Hat Security Advisory 2023-4671-01
Posted Aug 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4671-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.30.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25173
SHA-256 | ed14c54c0dcb242c5472de4d8937781210cd32a78805d4c4caf4ca0fb8d98f2e
Red Hat Security Advisory 2023-4488-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4488-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2020-24736, CVE-2022-27191, CVE-2022-30629, CVE-2022-35252, CVE-2022-36227, CVE-2022-43552, CVE-2023-0361, CVE-2023-1667, CVE-2023-2283, CVE-2023-25173, CVE-2023-26604, CVE-2023-27535
SHA-256 | 252acb6439c37d57d435d183f3aa4787523afbcaecc3e6fbfba5f267fd67ba49
Red Hat Security Advisory 2023-4226-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2022-46663, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-25173
SHA-256 | ce4492864dcb382a006d5197438c039f97330f652c6c8aed7cc631262735dfe7
Red Hat Security Advisory 2023-4025-01
Posted Jul 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4025-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat, windows
advisories | CVE-2022-36227, CVE-2023-0361, CVE-2023-25173, CVE-2023-27535
SHA-256 | 44df9bd2f76286c5413fd65a278a9ce79e084219d6e99cacaf86f41a1b126c63
Ubuntu Security Notice USN-6202-1
Posted Jul 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6202-1 - David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. It was discovered that containerd incorrectly set up supplementary groups inside a container. An attacker with direct access to the container could possibly use this issue to obtain sensitive information or execute code with higher privileges.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-25153, CVE-2023-25173
SHA-256 | e823ee1989c015b6a3a78bab272a96fe9d1b6c3c47bcc98a5f571ddfb1e8ba56
Red Hat Security Advisory 2023-3537-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.3.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2023-25173, CVE-2023-26054
SHA-256 | 1be5005d772c89ecf209c65a2f808ab383266ecef2cd9954695556ccd7b0f997
Red Hat Security Advisory 2023-3450-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3450-01 - OpenShift Serverless 1.29.0 has been released. The References section contains CVE links providing detailed severity ratings for each vulnerability. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-25173
SHA-256 | da7236d0f2323c0684fbb3d6fc94e6e005e11ba6da118b55eaf878f9f6e2b5e0
Red Hat Security Advisory 2023-2029-01
Posted May 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2029-01 - The OpenShift Security Profiles Operator v0.7.0 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-0475, CVE-2023-25173
SHA-256 | 008bf2df386754638ecc3c84d787cc47a38a29c366656c0ad077a162138cdb5c
Red Hat Security Advisory 2023-1372-01
Posted May 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1372-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat, windows
advisories | CVE-2022-41717, CVE-2023-25173
SHA-256 | 90f9e40ef64431731006b57dee187d9656b1f6d15df0e8be50a81f1dbbc854b9
Red Hat Security Advisory 2023-2107-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41724, CVE-2022-41725, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-23916, CVE-2023-25173, CVE-2023-28617
SHA-256 | 4e5916017cd2c38d0dbb46d07a4b6c5a15d545e4b934c30942abd25556065af8
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close