GoogleOSV:GO-2022-0784containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
Confidence
Low
containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
References
github.com/containerd/containerd/commit/4a4bb851f5da563ff6e68a83dc837c7699c469ad
github.com/containerd/containerd/releases/tag/v1.4.3
github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
lists.fedoraproject.org/archives/list/[email protected]/message/LNKXLOLZWO5FMAPX63ZL7JNKTNNT5NQD
nvd.nist.gov/vuln/detail/CVE-2020-15257
research.nccgroup.com/2020/12/10/abstract-shimmer-cve-2020-15257-host-networking-is-root-equivalent-again
security.gentoo.org/glsa/202105-33
www.debian.org/security/2021/dsa-4865
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
Confidence
Low