OCP cri-o execve Capability Elevation via Missing CVE-2022-27652 Fix (OCP<4.9.48)
CVE-2022-3466 Published on September 15, 2023
Cri-o: security regression of cve-2022-27652
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. This issue could allow an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. For more details, see https://access.redhat.com/security/cve/CVE-2022-27652.
Vulnerability Analysis
CVE-2022-3466 is exploitable with local system access, requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Timeline
Reported to Red Hat.
Made public. 5 days later.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2022-3466
stack.watch emails you whenever new vulnerabilities are published in Kubernetes Cri O or Red Hat Openshift Container Platform. Just hit a watch button to start following.
Affected Versions
Red Hat OpenShift Container Platform 4.12:- Version 0:1.25.1-5.rhaos4.12.git6005903.el9 and below * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.