CVE-2022-29162

Severity: 7.8 HIGH
EPSS: 0.1% (top 68.05%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 17; Latest update Mar 21

Description

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contain

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Exploitability: 2.5 | Impact: 3.4

Affected Packages (5 packages)

CVEListV5: opencontainers/runc < 1.1.2
Debian: runc < 1.0.0~rc93+ds1-5+deb11u2+3
CVEListV5: youki-dev/youki < 0.5.3

Also affects: Fedora 34, 35, 36

Patches

Vulnerability Details (6)

OSV: Default inheritable capabilities for linux container should be empty in github.com/opencontainers/runc (2024-08-21)
OSV: runc vulnerabilities (2023-05-23)
GHSA: Default inheritable capabilities for linux container should be empty (2022-05-24)
OSV: Default inheritable capabilities for linux container should be empty (2022-05-24)
OSV: CVE-2022-29162: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification (2022-05-17)

Vendor Advisories (5)

Red Hat: libcontainer: Libcontainer is affected by capabilities elevation (2025-03-21)
Ubuntu: runC vulnerabilities (2023-05-23)
Red Hat: runc: incorrect handling of inheritable capabilities (2022-05-13)
Microsoft: Incorrect Default Permissions in runc (2022-05-10)
Debian: CVE-2022-29162: runc - runc is a CLI tool for spawning and running containers on Linux according to the... (2022)