A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. — CVE-2022-1708

Zusammenfassung

Sicherheitshinweis CVE-2022-1708. A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The… Hersteller: Microsoft. Quelle: MSRC. Risiko: high. CVSS 7.5. Details…

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

• Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
• Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
• Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
• Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Zur offiziellen Quelle

Mehr dazu

• A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. CVE-2022-23712
• A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially CVE-2022-1943
• A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. CVE-2021-40633
• A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. CVE-2022-1998
• A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. CVE-2022-27778
• An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. CVE-2022-27775
• An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. CVE-2022-32981
• AV1 Video Extension Remote Code Execution Vulnerability CVE-2022-30167
• AV1 Video Extension Remote Code Execution Vulnerability CVE-2022-30193
• Azure RTOS GUIX Studio Information Disclosure Vulnerability CVE-2022-30180
• Azure RTOS GUIX Studio Remote Code Execution Vulnerability CVE-2022-30177
• Azure RTOS GUIX Studio Remote Code Execution Vulnerability CVE-2022-30178