Help Center/ Cloud Container Engine/ User Guide (Paris Regions)/ Product Bulletin/ Vulnerability Notice/ Linux Kernel Integer Overflow Vulnerability (CVE-2022-0185)
Updated on 2024-01-26 GMT+08:00

Linux Kernel Integer Overflow Vulnerability (CVE-2022-0185)

Recently, the security team detected that security researchers William Liu and Jamie Hill-Daniel discovered an integer underflow vulnerability in the Linux kernel, which may lead to out-of-bounds writes. A local attacker can use this vulnerability to cause a denial of service (system crash) or execute arbitrary code. In a container scenario, a user with the CAP_SYS_ADMIN permission can escape from the container to the host machine. Currently, the vulnerability POC already exists, but no disclosed exploit code is found.

Vulnerability Details

Table 1 Vulnerability information

Vulnerability Type

CVE-ID

Discovered

Resource management flaw

CVE-2022-0185

2022-01-27

Threat Severity

Critical

Impact and Risks

The system that uses Linux kernel 5.1 or later will be affected by this vulnerability, but CCE is not affected.

Trigger Conditions

In a container scenario, users have the CAP_SYS_ADMIN permission, and the kernel version is 5.1 or later. In a standard Docker environment, the Docker seccomp filter is used. Therefore, the system is not affected by this vulnerability by default. In the Kubernetes scenario, the seccomp filter is disabled by default. The system is affected by this vulnerability if the kernel and permission conditions are met.

Identification Method

Run the uname -a command to view the kernel version.

Workarounds and Mitigation Measures

CCE clusters are not affected by this vulnerability. For a Kubernetes cluster, you are advised to:

1. Run containers with the least privilege.

2. Configure seccomp based on the configuration method provided by Kubernetes.

References

https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes

https://ubuntu.com/security/CVE-2022-0185

https://access.redhat.com/security/cve/CVE-2022-0185

https://www.openwall.com/lists/oss-security/2022/01/18/7