Bug 2085361 (CVE-2022-1708) - CVE-2022-1708 cri-o: memory exhaustion on the node when access to the kube api
Summary: CVE-2022-1708 cri-o: memory exhaustion on the node when access to the kube api
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-1708
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2093388 2093389 2093390 2093391 2094185 2094186 2094187 2094188 2094189 2094190 2089136 2089569 2089570 2089571 2089572 2089573 2090134 2092917 2093387 2094036 2094037 2094038 2094040 2094041 2094042 2094180 2094181 2094182 2094183 2094184
Blocks: 2085363 2085435
TreeView+ depends on / blocked
 
Reported: 2022-05-13 06:36 UTC by TEJ RATHI
Modified: 2022-06-28 04:15 UTC (History)
24 users (show)

Fixed In Version: cri-o 1.24.1, cri-o 1.23.3, cri-o 1.22.5, cri-o 1.21.8, cri-o 1.20.8, cri-o 1.19.7
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.
Clone Of:
Environment:
Last Closed: 2022-06-21 20:36:36 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:4943 0 None None None 2022-06-13 14:37:21 UTC
Red Hat Product Errata RHSA-2022:4947 0 None None None 2022-06-17 05:38:36 UTC
Red Hat Product Errata RHSA-2022:4951 0 None None None 2022-06-16 17:13:41 UTC
Red Hat Product Errata RHSA-2022:4965 0 None None None 2022-06-16 10:01:13 UTC
Red Hat Product Errata RHSA-2022:4972 0 None None None 2022-06-14 11:49:06 UTC
Red Hat Product Errata RHSA-2022:4999 0 None None None 2022-06-21 16:57:35 UTC

Description TEJ RATHI 2022-05-13 06:36:59 UTC
A vulnerability was found in CRI-O that causes memory exhaustion on the node for anyone with access to the kube api. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by cri-o after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory of the node when crio reads output of the command.

References: 
https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j

Comment 1 TEJ RATHI 2022-05-13 11:17:28 UTC
CVE-2022-1708 Assigned.

Comment 12 Avinash Hanwate 2022-06-07 04:40:39 UTC
Created conmon tracking bugs for this issue:

Affects: fedora-all [bug 2094190]


Created cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094187]


Created cri-o:1.17/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094180]


Created cri-o:1.18/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094181]


Created cri-o:1.19/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094182]


Created cri-o:1.20/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094183]


Created cri-o:1.21/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094184]


Created cri-o:1.22/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094185]


Created cri-o:1.23/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094188]


Created cri-o:1.24/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094189]


Created cri-o:nightly/cri-o tracking bugs for this issue:

Affects: fedora-all [bug 2094186]

Comment 14 errata-xmlrpc 2022-06-13 14:37:19 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.10

Via RHSA-2022:4943 https://access.redhat.com/errata/RHSA-2022:4943

Comment 15 errata-xmlrpc 2022-06-14 11:49:03 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.9

Via RHSA-2022:4972 https://access.redhat.com/errata/RHSA-2022:4972

Comment 18 errata-xmlrpc 2022-06-16 10:01:10 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.7

Via RHSA-2022:4965 https://access.redhat.com/errata/RHSA-2022:4965

Comment 19 errata-xmlrpc 2022-06-16 17:13:38 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.8

Via RHSA-2022:4951 https://access.redhat.com/errata/RHSA-2022:4951

Comment 20 errata-xmlrpc 2022-06-17 05:38:32 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2022:4947 https://access.redhat.com/errata/RHSA-2022:4947

Comment 21 errata-xmlrpc 2022-06-21 16:57:33 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 3.11

Via RHSA-2022:4999 https://access.redhat.com/errata/RHSA-2022:4999

Comment 22 Product Security DevOps Team 2022-06-21 20:36:33 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-1708


Note You need to log in before you can comment on or make changes to this bug.