PT-2022-4807 · Runc+8

Andrew G. Morgan · Published 2022-05-05 · Updated 2025-09-29

CVE-2022-29162 · CVSS v3.1 7.8 (High) · Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: runc versions prior to 1.1.2

Description: A bug was found in runc where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox, as the inheritable set never contained more capabilities than were included in the container's bounding set.

Recommendations: For versions prior to 1.1.2, update to version 1.1.2 to fix the bug, which changes runc exec --cap behavior to not include inheritable capabilities and modifies runc spec to not set any inheritable capabilities in the created example OCI spec (config.json) file.
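The state the description refers to is directly observable: the kernel publishes each process's capability sets as hex bitmasks in /proc/<pid>/status (CapInh, CapPrm, CapEff, CapBnd, CapAmb). The following is an added example, not runc project code, that parses those lines, flags a non-empty inheritable set, confirms it stays within the bounding set (the property the description relies on for the sandbox not being affected), and applies the same check to the process.capabilities.inheritable list of an OCI config.json. The /proc status text and config dicts in it are constructed samples; the capability bit names follow <linux/capability.h>.

```python
"""Check whether a process or OCI spec carries a non-empty inheritable
capability set, the atypical state CVE-2022-29162 produced.

Added example, not runc code. The sample /proc status text and config
dicts below are constructed for demonstration.
"""
import json
import re

# Capability bit numbers, in order, as defined in <linux/capability.h>.
CAP_NAMES = [
    "cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner",
    "cap_fsetid", "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap",
    "cap_linux_immutable", "cap_net_bind_service", "cap_net_broadcast",
    "cap_net_admin", "cap_net_raw", "cap_ipc_lock", "cap_ipc_owner",
    "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot", "cap_sys_ptrace",
    "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice",
    "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod",
    "cap_lease", "cap_audit_write", "cap_audit_control", "cap_setfcap",
    "cap_mac_override", "cap_mac_admin", "cap_syslog", "cap_wake_alarm",
    "cap_block_suspend", "cap_audit_read", "cap_perfmon", "cap_bpf",
    "cap_checkpoint_restore",
]

# One "CapXxx:\t<hex>" line of /proc/<pid>/status.
_CAP_LINE = re.compile(r"^(Cap(?:Inh|Prm|Eff|Bnd|Amb)):\s*([0-9a-fA-F]+)\s*$", re.M)


def parse_cap_sets(status_text: str) -> dict:
    """Return {'CapInh': int, 'CapPrm': int, ...} parsed from status text."""
    sets = {name: int(hexval, 16) for name, hexval in _CAP_LINE.findall(status_text)}
    missing = {"CapInh", "CapPrm", "CapEff", "CapBnd"} - sets.keys()
    if missing:
        raise ValueError(f"status text lacks {sorted(missing)}")
    return sets


def cap_names(mask: int) -> list:
    """Decode a capability bitmask into cap_* names (unknown bits as cap_<n>)."""
    return [CAP_NAMES[b] if b < len(CAP_NAMES) else f"cap_{b}"
            for b in range(mask.bit_length()) if (mask >> b) & 1]


def audit_status(status_text: str) -> dict:
    """Flag a non-empty inheritable set and check it against the bounding set.

    A non-empty CapInh is what pre-1.1.2 `runc exec --cap` left behind; the
    bounding-set check mirrors the advisory's point that CapInh never exceeded
    CapBnd, so the container boundary itself was not crossed.
    """
    s = parse_cap_sets(status_text)
    return {
        "inheritable_nonempty": s["CapInh"] != 0,
        "inheritable": cap_names(s["CapInh"]),
        "inheritable_within_bounding": (s["CapInh"] & ~s["CapBnd"]) == 0,
    }


def audit_oci_config(config: dict) -> list:
    """Return process.capabilities.inheritable from an OCI config.json dict.

    An empty list is the clean state `runc spec` emits from 1.1.2 on.
    """
    return list(config.get("process", {}).get("capabilities", {}).get("inheritable", []))


# Constructed sample: Cap* block of a process whose inheritable set equals a
# typical container bounding set, i.e. the pre-1.1.2 exec --cap behaviour.
STATUS_PRE_FIX = """\
Name:\tsh
CapInh:\t00000000a80425fb
CapPrm:\t00000000a80425fb
CapEff:\t00000000a80425fb
CapBnd:\t00000000a80425fb
CapAmb:\t0000000000000000
"""

# Constructed sample: the same process after the fix, inheritable set empty.
STATUS_POST_FIX = STATUS_PRE_FIX.replace("CapInh:\t00000000a80425fb",
                                         "CapInh:\t0000000000000000")

if __name__ == "__main__":
    for label, text in (("pre-fix", STATUS_PRE_FIX), ("post-fix", STATUS_POST_FIX)):
        print(label, json.dumps(audit_status(text)))
    # Read a live process the same way: open(f"/proc/{pid}/status").read()
```

On a real host, feed audit_status() the contents of /proc/<pid>/status for the exec'd container process; a non-empty "inheritable" list on a runc older than 1.1.2 is the condition the advisory describes, and the fix leaves it empty.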

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

ALSA-2022:7469
ALSA-2022:8090
ALSA-2022_7469
ALSA-2022_8090
ALSA-2025_16880
ALT-PU-2022-1852
ALT-PU-2022-3196
ALT-PU-2023-1623
AZL-9817
BDU:2022-05793
CESA-2022_7457
CESA-2022_7469
CVE-2022-29162
DLA-3369-1
GHSA-F3FP-GC8G-VW66
GO-2022-0452
MGASA-2022-0192
OESA-2022-1704
OPENSUSE-SU-2022_2341-1
OPENSUSE-SU-2022_3321-1
OPENSUSE-SU-2022_3333-1
OPENSUSE-SU-2024:12074-1
OPENSUSE-SU-2025:15424-1
RHSA-2022:5068
RHSA-2022:7457
RHSA-2022:7469
RHSA-2022:8090
RHSA-2022_7457
RHSA-2022_7469
RHSA-2022_8090
RLSA-2022:7457
RLSA-2022:7469
RLSA-2022:8090
ROSA-SA-2023-2209
SUSE-SU-2022:2165-1
SUSE-SU-2022:2341-1
SUSE-SU-2022:3321-1
SUSE-SU-2022:3333-1
SUSE-SU-2022_2165-1
SUSE-SU-2022_2341-1
USN-6088-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Red Hat
Rocky Linux
Suse
Ubuntu
Runc