Permissions, Privileges, and Access Controls in containerd

#VU61600 Permissions, Privileges, and Access Controls in containerd

Published: 2022-03-24

Vulnerability identifier: #VU61600

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24769

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
containerd
Other software / Other software solutions

Vendor: containerd

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to containers are incorrectly started with non-empty inheritable Linux process capabilities, which leads to security restrictions bypass and privilege escalation.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

containerd: 1.5.0 - 1.5.10, 1.6.0 - 1.6.1

External links
http://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for containerd

Multiple vulnerabilities in Dell PowerStore Family

Multiple vulnerabilities in IBM Edge Application Manager

Multiple vulnerabilities in Dell VxRail Appliance components

Ubuntu update for containerd

Multiple vulnerabilities in Dell VxRail

openEuler update for docker

Debian update for containerd

Multiple vulnerabilities in OpenShift Container Platform 4.6