Bug 2082274 (CVE-2022-1706)

Summary: CVE-2022-1706 ignition: configs are accessible from unprivileged containers in VMs running on VMware products
Product: [Other] Security Response Reporter: Todd Cullum <tcullum>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: andrew.jeddeloh, bgilbert, bmontgom, dornelas, dustymabe, eparis, jburrell, jligon, jokerman, jonathan, mcascell, me, miabbott, mnguyen, mrussell, nstielau, rhcos-triage, skunkerk, sponnaga, tmhoang, trathi, travier, vkumar, walters
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: ignition 2.14.0 Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Ignition, where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-12-07 01:33:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2082422, 2082423, 2082424, 2083008    
Bug Blocks: 2082273, 2085366    

Description Todd Cullum 2022-05-05 17:48:47 UTC 
ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config
contains secrets.  We don't recommend putting secrets in the Ignition
config, but presumably some users do it anyway.

References:
https://github.com/coreos/ignition/issues/1300
https://github.com/coreos/ignition/pull/1350
Comment 1 TEJ RATHI 2022-05-06 06:38:07 UTC 
Created ignition tracking bugs for this issue:

Affects: epel-7 [bug 2082423]
Affects: fedora-all [bug 2082422]
Comment 4 TEJ RATHI 2022-05-13 07:15:36 UTC 
CVE-2022-1706 assigned.
Comment 7 errata-xmlrpc 2022-08-10 10:09:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11
  Ironic content for Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:5068 https://access.redhat.com/errata/RHSA-2022:5068
Comment 10 errata-xmlrpc 2022-11-15 10:21:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:8126 https://access.redhat.com/errata/RHSA-2022:8126
Comment 12 Product Security DevOps Team 2022-12-07 01:33:07 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-1706