CVE-2022-23471
published 2022-12-07
CVE-2022-23471: containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI…
Priority P3 · 35 · medium · 6.5 CVSS 3.1
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS 1.02% · 59.1th percentile
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.
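The leak pattern described above, modelled in Go as an added example (this is not containerd's code and not the upstream patch). `TerminalSize`, `forwardLeaky`, `forwardSafe` and `runSession` are hypothetical names, and tying the send to a session context is one common way to release such a goroutine, assumed here for illustration.

```go
package main

import (
	"context"
	"fmt"
	"time"
)

// TerminalSize is a hypothetical stand-in for a TTY resize event.
type TerminalSize struct{ Width, Height uint16 }

// forwardLeaky models the bug class: nothing can interrupt the send.
func forwardLeaky(_ context.Context, in <-chan TerminalSize, out chan<- TerminalSize) {
	for sz := range in {
		out <- sz // blocks forever if no receiver ever appears
	}
}

// forwardSafe races every send against the session context.
func forwardSafe(ctx context.Context, in <-chan TerminalSize, out chan<- TerminalSize) {
	for sz := range in {
		select {
		case out <- sz:
		case <-ctx.Done():
			return // session ended: stop instead of blocking
		}
	}
}

// runSession simulates a TTY exec whose process never starts, so out has no
// receiver. It reports whether the forwarder goroutine exited within wait.
func runSession(fwd func(context.Context, <-chan TerminalSize, chan<- TerminalSize), wait time.Duration) bool {
	ctx, cancel := context.WithCancel(context.Background())
	in, out := make(chan TerminalSize, 1), make(chan TerminalSize)
	exited := make(chan struct{})
	go func() { fwd(ctx, in, out); close(exited) }()
	in <- TerminalSize{80, 24} // constructed initial resize event
	cancel()                   // session torn down after the failed launch
	select {
	case <-exited:
		return true
	case <-time.After(wait):
		return false
	}
}

func main() {
	fmt.Println("leaky forwarder exited:", runSession(forwardLeaky, 200*time.Millisecond))
	fmt.Println("safe forwarder exited: ", runSession(forwardSafe, 200*time.Millisecond))
}
```

Each failed session in the leaky variant leaves one goroutine and its captured state pinned for the life of the daemon, which is why repeated faulty exec requests add up to host memory exhaustion.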
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| containerd | containerd | < 1.5.16 | 1.5.16 |
| containerd | containerd | — | — |
| containerd | containerd | >= 0 < 1.4.13~ds1-1~deb11u3 | 1.4.13~ds1-1~deb11u3 |
| containerd | containerd | >= 0 < 1.6.12~ds1-1 | 1.6.12~ds1-1 |
| containerd | containerd | >= 0 < 1.6.12~ds1-1 | 1.6.12~ds1-1 |
| containerd | containerd | >= 0 < 1.6.12~ds1-1 | 1.6.12~ds1-1 |
| containerd | containerd | >= 0 < 1.5.9-0ubuntu1~18.04.2 | 1.5.9-0ubuntu1~18.04.2 |
| containerd | containerd | >= 0 < 1.5.9-0ubuntu1~20.04.6 | 1.5.9-0ubuntu1~20.04.6 |
| containerd | containerd | >= 0 < 1.5.9-0ubuntu3.1 | 1.5.9-0ubuntu3.1 |
| debian | containerd | < containerd 1.6.12~ds1-1 (bookworm) | containerd 1.6.12~ds1-1 (bookworm) |
| github.com | containerd_containerd | >= 0 < 1.5.16 | 1.5.16 |
| github.com | containerd_containerd | >= 1.6.0 < 1.6.12 | 1.6.12 |
| linuxfoundation | containerd | < 1.5.16 | 1.5.16 |
| linuxfoundation | containerd | >= 1.6.0 < 1.6.12 | 1.6.12 |
| msrc | cbl2_moby-containerd_1.6.12-3_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_moby-containerd_1.6.6+azure-6_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvd · v3.1 · 6.5 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv · 6.5 MEDIUM
vendor_msrc · 6.5 MEDIUM
vendor_debian · 5.7 MEDIUM
vendor_ubuntu · 5.7 MEDIUM
CISA ICS
Siemens SCALANCE XCM-/XRM-300
cisa_ics·2024-02-15
Siemens SCALANCE XCM-/XRM-300
ICS Advisory
## Siemens SCALANCE XCM-/XRM-300
Release Date: February 15, 2024
Alert Code: ICSA-24-046-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XCM-/XRM-300
- Vulnerabilities: Out-of-bounds Write, Incorrect Type Conversion or Cast, Improper Verification of Cryptographic Signature, Improper Access Control, Improper Authentication, Missing Encryption
Ubuntu
containerd vulnerabilities
vendor_ubuntu·2022-12-13·CVSS 5.7
CVE-2022-24778 [MEDIUM] containerd vulnerabilities
Title: containerd vulnerabilities
Summary: Several security issues were fixed in containerd.
It was discovered that containerd incorrectly handled memory
when receiving certain faulty Exec or ExecSync commands. A remote
attacker could possibly use this issue to cause a denial of service
or crash containerd. (CVE-2022-23471, CVE-2022-31030)
It was discovered that containerd incorrectly set up inheritable file
capabilities. An attacker could possibly use this issue to escalate
privileges inside a container. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24769)
It was discovered that containerd incorrectly handled access to encrypted
container images when using imgcrypt library. A remote attacker could
possibly use this issue to access encrypte
Microsoft
containerd CRI stream server: Host memory exhaustion through terminal resize goroutine leak
vendor_msrc·2022-12-13·CVSS 6.5
CVE-2022-23471 [MEDIUM] CWE-401 containerd CRI stream server: Host memory exhaustion through terminal resize goroutine leak
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-
Debian
CVE-2022-23471: containerd - containerd is an open source container runtime. A bug was found in containerd's ...
vendor_debian·2022·CVSS 5.7
CVE-2022-23471 [MEDIUM] CVE-2022-23471: containerd - containerd is an open source container runtime. A bug was found in containerd's ...
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permi
OSV
containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
osv·2024-08-21
CVE-2022-23471 containerd CRI stream server vulnerable to host memory exhaustion via terminal in github.com/containerd/containerd
OSV
containerd vulnerabilities
osv·2022-12-13·CVSS 6.5
CVE-2022-23471 [MEDIUM] containerd vulnerabilities
It was discovered that containerd incorrectly handled memory
when receiving certain faulty Exec or ExecSync commands. A remote
attacker could possibly use this issue to cause a denial of service
or crash containerd. (CVE-2022-23471, CVE-2022-31030)
It was discovered that containerd incorrectly set up inheritable file
capabilities. An attacker could possibly use this issue to escalate
privileges inside a container. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24769)
It was discovered that containerd incorrectly handled access to encrypted
container images when using imgcrypt library. A remote attacker could
possibly use this issue to access encrypted images from other users.
This issue only affected Ubuntu 18.04 LT
OSV
containerd CRI stream server vulnerable to host memory exhaustion via terminal
osv·2022-12-07
CVE-2022-23471 [MEDIUM] containerd CRI stream server vulnerable to host memory exhaustion via terminal
### Impact
A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO.
### Patches
This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue.
### Workarounds
Ensure that only trusted images and commands ar
GHSA
containerd CRI stream server vulnerable to host memory exhaustion via terminal
ghsa·2022-12-07
CVE-2022-23471 [MEDIUM] CWE-400 containerd CRI stream server vulnerable to host memory exhaustion via terminal
### Impact
A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO.
### Patches
This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue.
### Workarounds
Ensure that only trusted images and commands ar
OSV
CVE-2022-23471: containerd is an open source container runtime
osv·2022-12-07·CVSS 6.5
CVE-2022-23471 [MEDIUM] CVE-2022-23471: containerd is an open source container runtime
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0
- https://github.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9
- https://security.gentoo.org/glsa/202401-31
Published 2022-12-07