Multiple vulnerabilities in containerd



Published: 2023-03-10
Risk Medium
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-2879
CVE-2022-2880
CVE-2022-41715
CVE-2022-27664
CVE-2022-32190
CVE-2022-24921
CWE-ID CWE-399
CWE-20
CWE-400
CWE-22
CWE-185
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		containerd
Other software / Other software solutions

Vendor containerd

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Resource management error

EUVDB-ID: #VU68387

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2879

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to absent limits on the maximum size of file headers within the Reader.Read method in archive/tar. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU68389

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2880

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform parameter smuggling attacks.

The vulnerability exists due to incorrect handling of requests forwarded by ReverseProxy in net/http/httputil. A remote attacker can supply specially crafted parameters that cannot be parsed and are rejected by net/http and force the application to include these parameters into the forwarding request. As a result, a remote attacker can smuggle potentially dangerous HTTP parameters into the request.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Resource exhaustion

EUVDB-ID: #VU68390

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41715

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in regexp/syntax when handling regular expressions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU67396

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27664

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Path traversal

EUVDB-ID: #VU67556

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32190

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within JoinPath and URL.JoinPath. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Incorrect Regular Expression

EUVDB-ID: #VU61227

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-24921

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in regexp.Compile in Go. A remote attacker can pass specially crafted input to the application and perform regular expression denial of service (ReDoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions before 1.7.0
CPE2.3 External links

http://github.com/containerd/containerd/releases/tag/v1.7.0


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###