CVE-2022-0811Code Injection in Kubernetes Cri-o

CWE-94Code Injection9 documents8 sources
Severity
8.8HIGHNVD
EPSS
21.3%
top 4.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Cri-o Cri-oKubernetes Cri-o
Timeline
PublishedMar 16
Latest updateAug 21

Description

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

NVDkubernetes/cri-o1.19.01.19.6+4
CVEListV5kubernetes/cri-ocri-o 1.24.0, cri-o 1.23.2, cri-o 1.22.3, cri-o 1.21.6, cri-o 1.20.7, cri-o 1.19.6
Gogithub.com/cri-o_cri-o1.19.01.19.6+4

🔴Vulnerability Details

4
OSV
Code Injection in CRI-O in github.com/cri-o/cri-o2024-08-21
CVEList
CVE-2022-0811: A flaw was found in CRI-O in the way it set kernel options for a pod2022-03-16
OSV
Code Injection in CRI-O2022-03-15
GHSA
Code Injection in CRI-O2022-03-15

📋Vendor Advisories

2
Red Hat
CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter2022-03-15
Microsoft
A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container es2022-03-08

🕵️Threat Intelligence

1
Crowdstrike
cr8escape: New Vulnerability in CRI-O Container Engine (CVE-2022-0811)
CVE-2022-0811 — Code Injection in Kubernetes Cri-o | cvebase