CVE-2022-0811
CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.
Se ha encontrado un fallo en CRI-O en la forma de establecer las opciones del kernel para un pod. Este problema permite a cualquier persona con derechos desplegar un pod en un clúster Kubernetes que usa el tiempo de ejecución de CRI-O para lograr un escape del contenedor y la ejecución de código arbitrario como root en el nodo del clúster, donde fue desplegado el pod malicioso
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-03-01 CVE Reserved
- 2022-03-16 CVE Published
- 2023-10-07 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2059475 | 2022-03-22 | |
| https://access.redhat.com/security/cve/CVE-2022-0811 | 2022-03-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kubernetes Search vendor "Kubernetes" | Cri-o Search vendor "Kubernetes" for product "Cri-o" | >= 1.19.0 < 1.19.6 Search vendor "Kubernetes" for product "Cri-o" and version " >= 1.19.0 < 1.19.6" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Cri-o Search vendor "Kubernetes" for product "Cri-o" | >= 1.20.0 < 1.20.7 Search vendor "Kubernetes" for product "Cri-o" and version " >= 1.20.0 < 1.20.7" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Cri-o Search vendor "Kubernetes" for product "Cri-o" | >= 1.21.0 < 1.21.6 Search vendor "Kubernetes" for product "Cri-o" and version " >= 1.21.0 < 1.21.6" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Cri-o Search vendor "Kubernetes" for product "Cri-o" | >= 1.22.0 < 1.22.3 Search vendor "Kubernetes" for product "Cri-o" and version " >= 1.22.0 < 1.22.3" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Cri-o Search vendor "Kubernetes" for product "Cri-o" | >= 1.23.0 < 1.23.2 Search vendor "Kubernetes" for product "Cri-o" and version " >= 1.23.0 < 1.23.2" | - |
Affected
| ||||||