Vulnerability Name:

CVE-2022-0811 (CCN-221989)

Assigned: 2022-03-15
Published: 2022-03-15
Updated: 2022-03-28
Summary: A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node where the malicious pod was deployed.
CVSS v3 Severity: 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-94
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2022-0811

Source: CCN
Type: Red Hat Bugzilla - Bug 2059475
CVE-2022-0811 CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2059475

Source: XF
Type: UNKNOWN
crio-cve20220811-code-exec(221989)

Source: CCN
Type: CRI-O GIT Repository
cri-o: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

Source: MISC
Type: Third Party Advisory
https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7

Source: CCN
Type: IBM Security Bulletin 6601143 (Netezza as a Service)
IBM Netezza as a Service is vulnerable to CVE-2022-0811

Source: CCN
Type: IBM Security Bulletin 6611151 (Netezza for Cloud Pak for Data)
IBM Netezza for Cloud Pak for Data is vulnerable to CVE-2022-0811

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:kubernetes:cri-o:*:*:*:*:*:*:*:* (Version >= 1.19.0 and < 1.19.6)
  • OR cpe:/a:kubernetes:cri-o:*:*:*:*:*:*:*:* (Version >= 1.20.0 and < 1.20.7)
  • OR cpe:/a:kubernetes:cri-o:*:*:*:*:*:*:*:* (Version >= 1.21.0 and < 1.21.6)
  • OR cpe:/a:kubernetes:cri-o:*:*:*:*:*:*:*:* (Version >= 1.22.0 and < 1.22.3)
  • OR cpe:/a:kubernetes:cri-o:*:*:*:*:*:*:*:* (Version >= 1.23.0 and < 1.23.2)

Configuration CCN 1:
  • cpe:/a:kubernetes:cri-o:1.19.0:-:*:*:*:*:*:*
  • OR cpe:/a:kubernetes:cri-o:1.19.5:*:*:*:*:*:*:*
  • OR cpe:/a:kubernetes:cri-o:1.20.6:*:*:*:*:*:*:*
  • OR cpe:/a:kubernetes:cri-o:1.21.5:*:*:*:*:*:*:*
  • OR cpe:/a:kubernetes:cri-o:1.22.2:*:*:*:*:*:*:*
  • OR cpe:/a:kubernetes:cri-o:1.23.1:*:*:*:*:*:*:*
