CVE-2022-47952

Published on: Not Yet Published

Last Modified on: 01/09/2023 03:20:00 PM UTC

CVE-2022-47952

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Certain versions of Lxc from Linuxcontainers contain the following vulnerability:

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist.

CVE-2022-47952 has been assigned by [email protected] to track the vulnerability - currently rated as LOW severity.

CVSS3 Score: 3.3 - LOW

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
LOCAL	LOW	LOW	NONE
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	LOW	NONE	NONE

CVE References

Description	Tags ^ⓘ	Link
GitHub - MaherAzzouzi/CVE-2022-47952: LXC Information Disclosure vulnerability.	github.com text/html	MISC github.com/MaherAzzouzi/CVE-2022-47952
Comment #45 : Bug #1783591 : Bugs : lxc package : Ubuntu	bugs.launchpad.net text/html	MISC bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45
lxc/lxc.spec.in at 0b83d71c2c8f3bac9503f894cd84584f79258bb3 · lxc/lxc · GitHub	github.com text/html	MISC github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/lxc.spec.in#L274
lxc/lxc_user_nic.c at 0b83d71c2c8f3bac9503f894cd84584f79258bb3 · lxc/lxc · GitHub	github.com text/html	MISC github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/src/lxc/cmd/lxc_user_nic.c#L1085-L1104

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

502626 Alpine Linux Security Update for lxc
502629 Alpine Linux Security Update for lxc
672727 EulerOS Security Update for lxc (EulerOS-SA-2023-1451)
672759 EulerOS Security Update for lxc (EulerOS-SA-2023-1476)
672791 EulerOS Security Update for lxc (EulerOS-SA-2023-1532)
672818 EulerOS Security Update for lxc (EulerOS-SA-2023-1557)

Exploit/POC from Github

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exist…

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Linuxcontainers	Lxc	All	All	All	All

cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE

Social Mentions

Source	Title	Posted (UTC)
@CVEreport	CVE-2022-47952 : lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whe… twitter.com/i/web/status/1…	2023-01-01 06:06:55
@SeYasashi	github.com/MaherAzzouzi/C… lxcの脆弱性かコンテナから、アクセスできんどうでもよさそう。	2023-01-01 09:45:48
/r/netcve	CVE-2022-47952	2023-01-01 06:38:32