Description
containerd is a container runtime. A time-of-check to time-of-use (TOCTOU) vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0. Other versions of containerd are not affected. This bug has been fixed in containerd 2.1.1. Users should update to this version to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.
A flaw was found in containerd. This vulnerability allows arbitrary modification of the host file system via a time-of-check to time-of-use (TOCTOU) race condition that occurs during image unpacking. Specifically, when pulling and unpacking a specially crafted container image, an attacker could exploit the window between validation and use of file paths to perform unauthorized file system operations on the host. Successful exploitation requires the attacker to supply a malicious image and may require elevated privileges.
Statement
The vulnerable component does not affect any product shipped by Red Hat.
Affected packages
Platform | Package | State | Advisory | Release
---|---|---|---|---
Assisted Installer for Red Hat OpenShift Container Platform 2 | rhai-tech-preview/assisted-installer-agent-rhel8 | Not affected | |
Logging Subsystem for Red Hat OpenShift | openshift-logging/logging-loki-rhel9 | Not affected | |
OpenShift API for Data Protection | oadp/oadp-mustgather-rhel9 | Not affected | |
OpenShift Developer Tools and Services | ocp-tools-4/jenkins-agent-base-rhel8 | Not affected | |
OpenShift Developer Tools and Services | ocp-tools-4/jenkins-rhel8 | Not affected | |
OpenShift Developer Tools and Services | openshift4/ose-jenkins | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/multicluster-operators-subscription-rhel9 | Not affected | |
Red Hat Advanced Cluster Security 4 | advanced-cluster-security/rhacs-central-db-rhel8 | Not affected | |
Red Hat Advanced Cluster Security 4 | advanced-cluster-security/rhacs-main-rhel8 | Not affected | |
Red Hat Advanced Cluster Security 4 | advanced-cluster-security/rhacs-rhel8-operator | Not affected | |
Additional information
CVSS3: 8.4 (High)