Bug 1199829 - (CVE-2022-29179) VUL-0: CVE-2022-29179: cilium: Privilege escalation to cluster admin possible when attacker can escape container
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Major
Target Milestone: ---
Assigned To: Containers Team
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/332530/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-29179:7.5:(AV:...
Keywords:
Reported: 2022-05-23 12:41 UTC by Hu
Modified: 2022-05-24 14:30 UTC (History)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Description Hu 2022-05-23 12:41:34 UTC
CVE-2022-29179

Cilium is open source software for providing and securing network connectivity
and load balancing between application workloads. Prior to versions 1.9.16,
1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a
container running as root on a host where Cilium is installed, the attacker can
escalate privileges to cluster admin by using Cilium's Kubernetes service
account. The problem has been fixed and the patch is available in versions
1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available.
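Since the advisory names no workaround, the practical defensive step is to find every Cilium agent still on a pre-fix release and upgrade it. The following is an added example, not code from the bug report or from the Cilium project: it decides whether a Cilium version string falls below the fixed release of its branch (1.9.16, 1.10.11, 1.11.5, as listed in the release links above) and audits a constructed set of node-reported versions. The treatment of branches the advisory does not list (1.12 and later treated as fixed, branches older than 1.9 treated as affected because they never received a fix) and of pre-release tags (ordered before the matching release) are assumptions of this example.

```python
"""Added example (not part of the bug report or of Cilium): flag Cilium versions
that predate the CVE-2022-29179 fix releases named in the advisory."""
from __future__ import annotations

import re

# Fixed release per affected minor branch, taken from the advisory text.
# The trailing 1 marks a final release so that pre-releases sort before it.
FIXED_VERSIONS = {
    (1, 9): (1, 9, 16, 1),
    (1, 10): (1, 10, 11, 1),
    (1, 11): (1, 11, 5, 1),
}

# Accepts "1.11.4", "v1.11.4" and pre-release tags such as "1.11.5-rc1".
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$")


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Return (major, minor, patch, is_release); is_release is 0 for pre-releases."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, suffix = m.groups()
    return int(major), int(minor), int(patch), 0 if suffix else 1


def is_affected(version: str) -> bool:
    """True if the version is older than the fix release of its branch.

    Assumptions of this example: branches newer than 1.11 are treated as
    unaffected; branches older than 1.9 never received a fix and are reported
    as affected; a pre-release of the fix version is still affected.
    """
    major, minor, patch, is_release = parse_version(version)
    branch = (major, minor)
    if branch in FIXED_VERSIONS:
        return (major, minor, patch, is_release) < FIXED_VERSIONS[branch]
    return branch < (1, 9)


def audit(node_versions: dict[str, str]) -> list[str]:
    """Return the names of nodes whose Cilium agent is still on an affected version."""
    return sorted(node for node, ver in node_versions.items() if is_affected(ver))


# Constructed sample input: node name -> Cilium agent version it reports.
SAMPLE_NODES = {
    "worker-a": "v1.11.4",      # affected: below 1.11.5
    "worker-b": "1.11.5",       # fixed
    "worker-c": "1.10.10",      # affected: below 1.10.11
    "worker-d": "1.9.16",       # fixed
    "worker-e": "1.11.5-rc1",   # affected: pre-release of the fix
    "worker-f": "1.12.0",       # assumed unaffected (later branch)
}

if __name__ == "__main__":
    for node in audit(SAMPLE_NODES):
        print(f"{node}: Cilium {SAMPLE_NODES[node]} is affected by CVE-2022-29179")
```

In a real cluster the version map would be filled from the image tag or the agent's own version report on each node; the comparison logic stays the same.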

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29179
https://github.com/cilium/cilium/releases/tag/v1.9.16
https://github.com/cilium/cilium/releases/tag/v1.11.5
https://github.com/cilium/cilium/releases/tag/v1.10.11
https://github.com/cilium/cilium/security/advisories/GHSA-fmrf-gvjp-5j5g