Published: 07/06/2022 Updated: 24/07/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kubernetes cri-o
kubernetes cri-o 1.24.0
fedoraproject fedora 36
redhat enterprise linux 7.0
redhat openshift container platform 3.11
redhat enterprise linux 8.0
redhat openshift container platform 4.0
redhat enterprise linux 9.0
redhat openshift container platform 4.10
redhat openshift container platform 4.9

概述 Moderate: OpenShift Container Platform 4753 packages and security update 类型/严重性 Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 Red Hat OpenShift Container Platform release 4753 is now available withupdates to pack ...

Synopsis Moderate: OpenShift Container Platform 4843 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 4843 is now available withupdates to packag ...

Synopsis Important: OpenShift Container Platform 4659 security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 4659 is now available withupdates to packages and imag ...

Synopsis Moderate: container-tools:30 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:30 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security h ...

Synopsis Moderate: OpenShift Container Platform 4938 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 4938 is now available withupdates to packag ...

Synopsis Moderate: OpenShift Container Platform 41018 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 41018 is now available withupdates to pack ...

Synopsis Moderate: OpenShift Container Platform 311715 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 311715 is now available withupdates to pa ...

Synopsis Moderate: container-tools:40 security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:40 module is now available for Red Hat Enterprise Linux 8Red Hat Produc ...

概述 Moderate: Red Hat Advanced Cluster Management 2311 security updates and bug fixes 类型/严重性 Security Advisory: Moderate 标题 Red Hat Advanced Cluster Management for Kubernetes 2311 generalavailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a sec ...

Synopsis Moderate: container-tools:rhel8 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linu ...

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API The ExecSync request runs commands in a container and logs the output of the command This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the outp ...

CWE-770 https://github.com/cri-o/cri-o/commit/f032cf649ecc7e0c46718bd9e7814bfb317cb544 https://bugzilla.redhat.com/show_bug.cgi?id=2085361 https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2022:4965 https://access.redhat.com/security/cve/cve-2022-1708

Get Started

CVE-2022-1708

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect