Anolis OS update for container-tools:3.0 module
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-1227 |
| CWE-ID | CWE-264 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Anolis OS Operating systems & Components / Operating system podman-docker Operating systems & Components / Operating system package or component container-selinux Operating systems & Components / Operating system package or component podman-tests Operating systems & Components / Operating system package or component podman-remote Operating systems & Components / Operating system package or component podman-plugins Operating systems & Components / Operating system package or component podman-catatonit Operating systems & Components / Operating system package or component podman Operating systems & Components / Operating system package or component crun Operating systems & Components / Operating system package or component buildah-tests Operating systems & Components / Operating system package or component buildah Operating systems & Components / Operating system package or component toolbox-tests Operating systems & Components / Operating system package or component toolbox Operating systems & Components / Operating system package or component skopeo-tests Operating systems & Components / Operating system package or component skopeo Operating systems & Components / Operating system package or component runc Operating systems & Components / Operating system package or component oci-seccomp-bpf-hook Operating systems & Components / Operating system package or component containers-common Operating systems & Components / Operating system package or component fuse-overlayfs Operating systems & Components / Operating system package or component conmon Operating systems & Components / Operating system package or component udica Operating systems & Components / Operating system package or component cockpit-podman Operating systems & Components / Operating system package or component slirp4netns Operating systems & Components / Operating system package or component python3-criu Operating systems & Components / Operating system package or component libslirp-devel Operating systems & Components / Operating system package or component libslirp Operating systems & Components / Operating system package or component criu Operating systems & Components / Operating system package or component crit Operating systems & Components / Operating system package or component containernetworking-plugins Operating systems & Components / Operating system package or component |
| Vendor | OpenAnolis |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Security restrictions bypass
EUVDB-ID: #VU62468
Risk: Medium
CVSSv4.0: 7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2022-1227
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to improper privilege management when running podman top on a container made from a maliciously-crafted image and using a user namespace. An attacker with full access to the container can execute arbitrary code in the host context.
Install updates from vendor's repository.
Vulnerable software versionsAnolis OS: 8
podman-docker: before 3.0.1-9
container-selinux: before 2.178.0-2
podman-tests: before 3.0.1-9
podman-remote: before 3.0.1-9
podman-plugins: before 3.0.1-9
podman-catatonit: before 3.0.1-9
podman: before 3.0.1-9
crun: before 0.18-3
buildah-tests: before 1.19.9-3
buildah: before 1.19.9-3
toolbox-tests: before 0.0.99.3-1
toolbox: before 0.0.99.3-1
skopeo-tests: before 1.2.4-1
skopeo: before 1.2.4-1
runc: before 1.0.0-73.rc95
oci-seccomp-bpf-hook: before 1.2.0-3
containers-common: before 1.2.4-1
fuse-overlayfs: before 1.4.0-2
conmon: before 2.0.26-1
udica: before 0.2.4-1
cockpit-podman: before 29-2
slirp4netns: before 1.1.8-1
python3-criu: before 3.15-1
libslirp-devel: before 4.3.1-1
libslirp: before 4.3.1-1
criu: before 3.15-1
crit: before 3.15-1
containernetworking-plugins: before 0.9.1-1
CPE2.3- cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
- cpe:2.3:a:openanolis:podman-docker:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:container-selinux:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:podman-tests:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:podman-remote:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:podman-plugins:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:podman-catatonit:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:podman:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:crun:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:buildah-tests:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:buildah:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:toolbox-tests:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:toolbox:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:skopeo-tests:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:skopeo:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:runc:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:oci-seccomp-bpf-hook:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:containers-common:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:fuse-overlayfs:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:conmon:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:udica:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:cockpit-podman:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:slirp4netns:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:python3-criu:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:libslirp-devel:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:libslirp:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:criu:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:crit:*:*:*:*:*:anolis_os:*:*
- cpe:2.3:a:openanolis:containernetworking-plugins:*:*:*:*:*:anolis_os:*:*
https://anas.openanolis.cn/errata/detail/ANSA-2022:0441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
