csaf_suse - suse-su-2022:3333-1

suse-su-2022:3333-1

Vulnerability from csaf_suse

Published

2022-09-22 06:46

Modified

2022-09-22 06:46

Summary

Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container

Notes

Title of the patch

Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container

Description of the patch

This update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container fixes the following issues: The kubevirt stack was updated to version 0.54.0 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v0.54.0 Security fixes: - CVE-2022-1798: Fix arbitrary file read on the host from KubeVirt VMs (bsc#1202516) Security fixes in vendored dependencies: - CVE-2022-1996: Fixed go-restful CORS bypass bsc#1200528) - CVE-2022-29162: Fixed runc incorrect handling of inheritable capabilities in default configuration (bsc#1199460) - Fix containerdisk unmount logic - Support topology spread constraints - Update libvirt-go to fix memory leak - Pack nft rules and nsswitch.conf for virt-handler - Only create 1MiB-aligned disk images (bsc#1199603) - Avoid to return nil failure message - Use semantic equality comparison - Drop kubevirt-psp-caasp.yaml - Allow to configure utility containers for update test - Symlink nsswitch.conf and nft rules to proper locations - Drop unused package libvirt-client - Install vim-small instead of vim - Remove unneeded libvirt-daemon-driver-storage-core - Install missing packages ethtool and gawk. Fixes bsc#1199392

Patchnames

SUSE-2022-3333,SUSE-SLE-Module-Containers-15-SP4-2022-3333,openSUSE-SLE-15.4-2022-3333

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container fixes the following issues:\n\nThe kubevirt stack was updated to version 0.54.0\n\nRelease notes https://github.com/kubevirt/kubevirt/releases/tag/v0.54.0\n\nSecurity fixes:\n\n- CVE-2022-1798: Fix arbitrary file read on the host from KubeVirt VMs (bsc#1202516)\n\nSecurity fixes in vendored dependencies:\n\n- CVE-2022-1996: Fixed go-restful CORS bypass bsc#1200528)\n- CVE-2022-29162: Fixed runc incorrect handling of inheritable capabilities in default configuration (bsc#1199460)\n\n- Fix containerdisk unmount logic\n- Support topology spread constraints\n- Update libvirt-go to fix memory leak\n- Pack nft rules and nsswitch.conf for virt-handler\n- Only create 1MiB-aligned disk images (bsc#1199603)\n- Avoid to return nil failure message\n- Use semantic equality comparison\n- Drop kubevirt-psp-caasp.yaml\n- Allow to configure utility containers for update test\n- Symlink nsswitch.conf and nft rules to proper locations\n- Drop unused package libvirt-client\n- Install vim-small instead of vim\n- Remove unneeded libvirt-daemon-driver-storage-core\n- Install missing packages ethtool and gawk. Fixes bsc#1199392\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-3333,SUSE-SLE-Module-Containers-15-SP4-2022-3333,openSUSE-SLE-15.4-2022-3333",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3333-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:3333-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223333-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:3333-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012328.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199392",
        "url": "https://bugzilla.suse.com/1199392"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199460",
        "url": "https://bugzilla.suse.com/1199460"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199603",
        "url": "https://bugzilla.suse.com/1199603"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200528",
        "url": "https://bugzilla.suse.com/1200528"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1202516",
        "url": "https://bugzilla.suse.com/1202516"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1798 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1996 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1996/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29162 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29162/"
      }
    ],
    "title": "Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container",
    "tracking": {
      "current_release_date": "2022-09-22T06:46:45Z",
      "generator": {
        "date": "2022-09-22T06:46:45Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:3333-1",
      "initial_release_date": "2022-09-22T06:46:45Z",
      "revision_history": [
        {
          "date": "2022-09-22T06:46:45Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-tests-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64",
                "product": {
                  "name": "obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64",
                  "product_id": "obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Containers 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Containers 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Containers 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-containers:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-tests-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
        },
        "product_reference": "obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-1798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/\u003c\u003e is not accessible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1798",
          "url": "https://www.suse.com/security/cve/CVE-2022-1798"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202516 for CVE-2022-1798",
          "url": "https://bugzilla.suse.com/1202516"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-22T06:46:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-1798"
    },
    {
      "cve": "CVE-2022-1996",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1996"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1996",
          "url": "https://www.suse.com/security/cve/CVE-2022-1996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200528 for CVE-2022-1996",
          "url": "https://bugzilla.suse.com/1200528"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-22T06:46:45Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2022-1996"
    },
    {
      "cve": "CVE-2022-29162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container\u0027s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
          "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29162",
          "url": "https://www.suse.com/security/cve/CVE-2022-29162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199460 for CVE-2022-29162",
          "url": "https://bugzilla.suse.com/1199460"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-container-disk-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-manifests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-tests-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-api-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-controller-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-handler-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-launcher-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virt-operator-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:kubevirt-virtctl-0.54.0-150400.3.3.2.x86_64",
            "openSUSE Leap 15.4:obs-service-kubevirt_containers_meta-0.54.0-150400.3.3.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-22T06:46:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29162"
    }
  ]
}

CVE-2022-1798 (GCVE-0-2022-1798)

Vulnerability from cvelistv5

Published

2022-09-15 15:45

Modified

2025-04-21 13:49

Severity ?

8.7 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H

CWE

CWE-20 - Improper Input Validation

Summary

A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible.

References

►

URL

Tags

https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Google LLC	Kubevirt	Version: unspecified < 0.55.1 Version: unspecified < 0.56.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:17:00.704Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-1798",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-21T13:39:15.451210Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T13:49:58.573Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "all"
          ],
          "product": "Kubevirt",
          "vendor": "Google LLC",
          "versions": [
            {
              "lessThan": "0.55.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "0.56.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Oliver Brooks and James Klopchic of NCC Group"
        },
        {
          "lang": "en",
          "value": "Diane Dubois and Roman Mohr of Google"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/\u003c\u003e is not accessible."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-15T15:45:12.000Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Path Traversal vulnerability in Kubevirt",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2022-1798",
          "STATE": "PUBLIC",
          "TITLE": "Path Traversal vulnerability in Kubevirt"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kubevirt",
                      "version": {
                        "version_data": [
                          {
                            "platform": "all",
                            "version_affected": "\u003c",
                            "version_value": "0.55.1"
                          },
                          {
                            "platform": "all",
                            "version_affected": "\u003c",
                            "version_value": "0.56.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Google LLC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Oliver Brooks and James Klopchic of NCC Group"
          },
          {
            "lang": "eng",
            "value": "Diane Dubois and Roman Mohr of Google"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/\u003c\u003e is not accessible."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364",
              "refsource": "CONFIRM",
              "url": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2022-1798",
    "datePublished": "2022-09-15T15:45:12.000Z",
    "dateReserved": "2022-05-19T00:00:00.000Z",
    "dateUpdated": "2025-04-21T13:49:58.573Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-29162 (GCVE-0-2022-29162)

Vulnerability from cvelistv5

Published

2022-05-17 00:00

Modified

2025-04-23 18:25

Severity ?

5.9 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-276 - Incorrect Default Permissions

Summary

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.

References

►

URL

Tags

	https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66
	https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5
	https://github.com/opencontainers/runc/releases/tag/v1.1.2
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html	mailing-list

Impacted products

	Vendor	Product	Version
	opencontainers	runc	Version: < 1.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:10:59.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/opencontainers/runc/releases/tag/v1.1.2"
          },
          {
            "name": "FEDORA-2022-91b747a0d7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"
          },
          {
            "name": "FEDORA-2022-e980dc71b1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"
          },
          {
            "name": "FEDORA-2022-d1f55f8fd0",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"
          },
          {
            "name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-29162",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T14:07:31.141979Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:25:42.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "runc",
          "vendor": "opencontainers",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container\u0027s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-27T00:00:00.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"
        },
        {
          "url": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"
        },
        {
          "url": "https://github.com/opencontainers/runc/releases/tag/v1.1.2"
        },
        {
          "name": "FEDORA-2022-91b747a0d7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"
        },
        {
          "name": "FEDORA-2022-e980dc71b1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"
        },
        {
          "name": "FEDORA-2022-d1f55f8fd0",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"
        },
        {
          "name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
        }
      ],
      "source": {
        "advisory": "GHSA-f3fp-gc8g-vw66",
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect Default Permissions in runc"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-29162",
    "datePublished": "2022-05-17T00:00:00.000Z",
    "dateReserved": "2022-04-13T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:25:42.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1996 (GCVE-0-2022-1996)

Vulnerability from cvelistv5

Published

2022-06-06 00:00

Modified

2024-08-03 00:24

Severity ?

9.3 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE

CWE-639 - Authorization Bypass Through User-Controlled Key

Summary

Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.

References

►

URL

Tags

	https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1
	https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/	vendor-advisory
	https://security.netapp.com/advisory/ntap-20220923-0005/
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/	vendor-advisory

Impacted products

	Vendor	Product	Version
	emicklei	emicklei/go-restful	Version: unspecified < v3.8.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:43.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10"
          },
          {
            "name": "FEDORA-2022-185697ef56",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/"
          },
          {
            "name": "FEDORA-2022-589a0ad690",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/"
          },
          {
            "name": "FEDORA-2022-fae3ecee19",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
          },
          {
            "name": "FEDORA-2022-ba365d3703",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
          },
          {
            "name": "FEDORA-2022-30c5ed5625",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220923-0005/"
          },
          {
            "name": "FEDORA-2023-6550d9323b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/"
          },
          {
            "name": "FEDORA-2023-4e2068ba5d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/"
          },
          {
            "name": "FEDORA-2023-c9b2182a4e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "emicklei/go-restful",
          "vendor": "emicklei",
          "versions": [
            {
              "lessThan": "v3.8.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-23T00:00:00",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "url": "https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1"
        },
        {
          "url": "https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10"
        },
        {
          "name": "FEDORA-2022-185697ef56",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/"
        },
        {
          "name": "FEDORA-2022-589a0ad690",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/"
        },
        {
          "name": "FEDORA-2022-fae3ecee19",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
        },
        {
          "name": "FEDORA-2022-ba365d3703",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
        },
        {
          "name": "FEDORA-2022-30c5ed5625",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220923-0005/"
        },
        {
          "name": "FEDORA-2023-6550d9323b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/"
        },
        {
          "name": "FEDORA-2023-4e2068ba5d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/"
        },
        {
          "name": "FEDORA-2023-c9b2182a4e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/"
        }
      ],
      "source": {
        "advisory": "be837427-415c-4d8c-808b-62ce20aa84f1",
        "discovery": "EXTERNAL"
      },
      "title": "Authorization Bypass Through User-Controlled Key in emicklei/go-restful"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-1996",
    "datePublished": "2022-06-06T00:00:00",
    "dateReserved": "2022-06-06T00:00:00",
    "dateUpdated": "2024-08-03T00:24:43.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2022:3333-1

Vulnerability from csaf_suse

CVE-2022-1798 (GCVE-0-2022-1798)

Vulnerability from cvelistv5

CVE-2022-29162 (GCVE-0-2022-29162)

Vulnerability from cvelistv5

CVE-2022-1996 (GCVE-0-2022-1996)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature