CVE-2022-29162
Description
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the containers bounding set. This bug has been fixed in runc 1.1.2. This fix changes runc exec --cap behavior such that the additional capabilities granted to the process being executed (as specified via --cap arguments) do not include inheritable capabilities. In addition, runc spec is changed to not set any inheritable capabilities in the created example OCI spec (config.json) file.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.127
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update buildah-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update buildah-debugsource-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update buildah-tests-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update cockpit-podman-53-1.module+el8.7.0+16772+33343656.noarch.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update conmon-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update conmon-debugsource-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update container-selinux-2.189.0-1.module+el8.7.0+16772+33343656.noarch.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update containers-common-1-40.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update crit-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update criu-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update criu-debugsource-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update criu-devel-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update criu-libs-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update crun-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update crun-debugsource-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update libslirp-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update libslirp-debugsource-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update libslirp-devel-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update netavark-1.1.0-6.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-catatonit-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-debugsource-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-docker-4.2.0-1.module+el8.7.0+16772+33343656.noarch.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-gvproxy-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-plugins-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-remote-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update podman-tests-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update python3-criu-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update python3-podman-4.2.0-1.module+el8.7.0+16772+33343656.noarch.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update runc-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update runc-debugsource-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update skopeo-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update skopeo-debugsource-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update skopeo-tests-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update slirp4netns-debugsource-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update toolbox-tests-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457) container-tools:rhel8 security, bug fix, and enhancement update udica-0.2.6-3.module+el8.7.0+16772+33343656.noarch.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update aardvark-dns-1.0.1-35.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update buildah-1.24.5-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update buildah-debugsource-1.24.5-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update buildah-tests-1.24.5-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update cockpit-podman-46-1.module+el8.7.0+16520+2db5507d.noarch.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update conmon-2.1.4-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update conmon-debugsource-2.1.4-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update container-selinux-2.189.0-1.module+el8.7.0+16520+2db5507d.noarch.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update containernetworking-plugins-1.1.1-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update containernetworking-plugins-debugsource-1.1.1-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update containers-common-1-35.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update crit-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update criu-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update criu-debugsource-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update criu-devel-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update criu-libs-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update crun-1.5-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update crun-debugsource-1.5-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update fuse-overlayfs-1.9-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update libslirp-4.4.0-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update libslirp-debugsource-4.4.0-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update libslirp-devel-4.4.0-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update netavark-1.0.1-35.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update oci-seccomp-bpf-hook-1.2.5-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update oci-seccomp-bpf-hook-debugsource-1.2.5-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-catatonit-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-debugsource-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-docker-4.0.2-8.module+el8.7.0+16520+2db5507d.noarch.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-gvproxy-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-plugins-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-remote-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update podman-tests-4.0.2-8.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update python3-criu-3.15-3.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update python3-podman-4.0.0-1.module+el8.7.0+16520+2db5507d.noarch.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update runc-1.1.4-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update runc-debugsource-1.1.4-1.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update skopeo-1.6.2-5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update skopeo-debugsource-1.6.2-5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update skopeo-tests-1.6.2-5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update slirp4netns-1.1.8-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update slirp4netns-debugsource-1.1.8-2.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update toolbox-0.0.99.3-0.5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update toolbox-debugsource-0.0.99.3-0.5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update toolbox-tests-0.0.99.3-0.5.module+el8.7.0+16520+2db5507d.x86_64.rpm | Linux |
| (RHSA-2022:7469) container-tools:4.0 security and bug fix update udica-0.2.6-3.module+el8.7.0+16520+2db5507d.noarch.rpm | Linux |
| (RHSA-2022:8090) runc security update runc-1.1.4-1.el9.x86_64.rpm | Linux |
| (RHSA-2022:8090) runc security update runc-debugsource-1.1.4-1.el9.x86_64.rpm | Linux |
| runc security update (RLSA-2022:8090) runc-1.1.4-1.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update buildah-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update buildah-tests-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update conmon-debuginfo-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update criu-debuginfo-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update criu-libs-debuginfo-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update crun-debuginfo-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update libslirp-debuginfo-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update podman-catatonit-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update podman-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update podman-gvproxy-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update podman-plugins-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update podman-remote-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update runc-debuginfo-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update skopeo-debuginfo-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
| (RHSA-2022:7457)Moderate: security, bug fix, and enhancement update toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234