Описание
Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container
This update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container fixes the following issues:
Security issues fixed:
- CVE-2022-1798: Fix arbitrary file read on the host from KubeVirt VMs (bsc#1202516)
Security issues fixed in vendored dependencies:
- CVE-2022-1996: Fixed go-restful CORS bypass (bsc#1200528)
- CVE-2022-29162: Fixed runc incorrect handling of inheritable capabilities in default configuration (bsc#1199460)
Other fixes:
- Pack nft rules and nsswitch.conf for virt-handler
- Only create 1MiB-aligned disk images (bsc#1199603)
- Avoid to return nil failure message
- Use semantic equality comparison
- Allow to configure utility containers for update test
- Install nftables to manage network rules
- Install tar to allow kubectl cp ...
- Symlink nsswitch.conf and nft rules to proper locations
- Enable USB redirection support for QEMU
- Install vim-small instread of vim
- Drop libvirt-daemon-driver-storage-core
- Install ethtool and gawk (bsc#1199392)
- Use non-versioned appliance to avoid redundant rpm query
- Explicitly state the dependency on kubevirt main package
Список пакетов
SUSE Linux Enterprise Module for Containers 15 SP3
openSUSE Leap 15.3
Ссылки
- Link for SUSE-SU-2022:3321-1
- E-Mail link for SUSE-SU-2022:3321-1
- SUSE Security Ratings
- SUSE Bug 1199392
- SUSE Bug 1199460
- SUSE Bug 1199603
- SUSE Bug 1200528
- SUSE Bug 1202516
- SUSE CVE CVE-2022-1798 page
- SUSE CVE CVE-2022-1996 page
- SUSE CVE CVE-2022-29162 page
Описание
A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible.
Затронутые продукты
Ссылки
- CVE-2022-1798
- SUSE Bug 1202516
Описание
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Затронутые продукты
Ссылки
- CVE-2022-1996
- SUSE Bug 1200528
Описание
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.
Затронутые продукты
Ссылки
- CVE-2022-29162
- SUSE Bug 1199460