CVE-2022-23648
moderate-risk
Published 2022-03-03
containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.
Do I need to act?
~
5.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (5)
Affected Vendors
References (22)
Third Party Advisory
https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7
Mailing List
https://www.debian.org/security/2022/dsa-5091
Third Party Advisory
https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7
and 2 more references
47
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
9/34 · Low
Exposure
12/34 · Low