CVE-2022-2995
Published 2022-09-19
Priority: P4 32 · high · 7.1 · CVSS 3.1
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:N
EPSS: 0.37% (28.9th percentile)
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | containerd_containerd | >= 0 < 1.5.18 | 1.5.18 |
| github.com | containerd_containerd | >= 1.6.0 < 1.6.18 | 1.6.18 |
| github.com | cri-o_cri-o | >= 0 < 1.25.0 | 1.25.0 |
| kubernetes | cri-o | — | — |
| kubernetes | cri-o | — | — |
| msrc | cbl2_cri-o_1.21.7-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_cri-o_1.22.3-14_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
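| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
| ghsa | 7.1 | HIGH | — |
| osv | 7.1 | HIGH | — |
| vendor_msrc | 7.1 | HIGH | — |
| vendor_redhat | 7.1 | HIGH | — |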
OSV
CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure in github.com/cri-o/cri-o
osv·2024-08-21
CVE-2022-2995 CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure in github.com/cri-o/cri-o
OSV
Supplementary groups are not set up properly in github.com/containerd/containerd
osv·2023-02-16·CVSS 7.1
CVE-2023-25173 [HIGH] Supplementary groups are not set up properly in github.com/containerd/containerd
### Impact
A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container.
Downstream applications that use the containerd client library may be affected as well.
### Patches
This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that
GHSA
Supplementary groups are not set up properly in github.com/containerd/containerd
ghsa·2023-02-16·CVSS 7.1
CVE-2023-25173 [HIGH] CWE-269 Supplementary groups are not set up properly in github.com/containerd/containerd
### Impact
A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container.
Downstream applications that use the containerd client library may be affected as well.
### Patches
This bug has been fixed in containerd v1.6.18 and v1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that
GHSA
CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure
ghsa·2022-09-20
CVE-2022-2995 [HIGH] CWE-284 CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
OSV
CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure
osv·2022-09-20
CVE-2022-2995 [HIGH] CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Red Hat
kernel: bnxt_en: Avoid order-5 memory allocation for TPA data
vendor_redhat·2025-05-02·CVSS 5.5
CVE-2023-53134 [MEDIUM] kernel: bnxt_en: Avoid order-5 memory allocation for TPA data
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Avoid order-5 memory allocation for TPA data
The driver needs to keep track of all the possible concurrent TPA (GRO/LRO)
completions on the aggregation ring. On P5 chips, the maximum number
of concurrent TPA is 256 and the amount of memory we allocate is order-5
on systems using 4K pages. Memory allocation failure has been reported:
NetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
CPU: 15 PID: 2995 Comm: NetworkManager Kdump: loaded Not tainted 5.10.156 #1
Hardware name: Dell Inc. PowerEdge R660/0M1CC5, BIOS 0.2.25 08/12/2022
Call Trace:
dump_stack+0x57/0x6e
warn
Microsoft
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affect
vendor_msrc·2022-09-13·CVSS 7.1
CVE-2022-2995 [HIGH] CWE-732 Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affect
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSA
Red Hat
cri-o: incorrect handling of the supplementary groups
vendor_redhat·2022-08-25·CVSS 7.1
CVE-2022-2995 [HIGH] CWE-284 cri-o: incorrect handling of the supplementary groups
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Package: cri-o (Red Hat OpenShift Container Platform 3.11) - Out of support scope
No detection rules found.
No public exploits indexed.