#VU67071 Permissions, Privileges, and Access Controls in OpenShift Virtualization


Published: 2022-09-07

Vulnerability identifier: #VU67071

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1798

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenShift Virtualization
Server applications / Virtualization software

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote user to read arbitrary files on the system.

The vulnerability exists due to a logic issue in kubeVirt API. A remote user can use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenShift Virtualization: 4.10.0 - 4.10.4

External links
http://bugzilla.redhat.com/show_bug.cgi?id=2117872

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in OpenShift Virtualization 4.12
Multiple vulnerabilities in OpenShift Virtualization 4.8
Multiple vulnerabilities in OpenShift Virtualization 4.9
SUSE update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container
SUSE update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container
Multiple vulnerabilities in OpenShift Virtualization
Multiple vulnerabilities in OpenShift Virtualization 4.10