EulerOS 2.0 SP9 containerd vulnerability (CVE-2022-23471) memory exhaustio
Reporter | Title | Published | Views | Family All 101 |
---|---|---|---|---|
Veracode | Denial Of Service (DoS) | 8 Dec 202203:54 | โ | veracode |
NVD | CVE-2022-23471 | 7 Dec 202223:15 | โ | nvd |
Debian CVE | CVE-2022-23471 | 7 Dec 202223:15 | โ | debiancve |
Redos | ROS-20221223-01 | 23 Dec 202200:00 | โ | redos |
OpenVAS | Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-1521) | 20 Mar 202300:00 | โ | openvas |
OpenVAS | Huawei EulerOS: Security Advisory for containerd (EulerOS-SA-2023-1462) | 9 Mar 202300:00 | โ | openvas |
OpenVAS | Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-1546) | 20 Mar 202300:00 | โ | openvas |
OpenVAS | Huawei EulerOS: Security Advisory for containerd (EulerOS-SA-2023-1580) | 23 Mar 202300:00 | โ | openvas |
OpenVAS | Huawei EulerOS: Security Advisory for containerd (EulerOS-SA-2023-1570) | 23 Mar 202300:00 | โ | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2023:1628-1) | 28 Mar 202300:00 | โ | openvas |
Source | Link |
---|---|
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
nessus | www.nessus.org/u |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(172285);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/08");
script_cve_id("CVE-2022-23471");
script_name(english:"EulerOS 2.0 SP9 : containerd (EulerOS-SA-2023-1462)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the versions of the containerd package installed, the EulerOS installation on the remote host is affected
by the following vulnerabilities :
- containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a
user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal
resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty
command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak.
Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server
is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should
update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted
images and commands are used and that only trusted users have permissions to execute commands in running
containers. (CVE-2022-23471)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1462
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?514d89eb");
script_set_attribute(attribute:"solution", value:
"Update the affected containerd packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-23471");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/07");
script_set_attribute(attribute:"patch_publication_date", value:"2023/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:docker-engine");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(9)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "x86" >!< cpu) audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
var flag = 0;
var pkgs = [
"docker-engine-18.09.0.129-1.h66.31.18.eulerosv2r9"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"9", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "containerd");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo