{"api_version":"1","generated_at":"2026-04-23T07:57:29+00:00","cve":"CVE-2022-23648","urls":{"html":"https://cve.report/CVE-2022-23648","api":"https://cve.report/api/cve/CVE-2022-23648.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-23648","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-23648"},"summary":{"title":"CVE-2022-23648","description":"containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.","state":"PUBLIC","assigner":"security-advisories@github.com","published_at":"2022-03-03 14:15:00","updated_at":"2024-01-31 13:15:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/","name":"FEDORA-2022-d9c9bf56f6","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: containerd-1.6.1-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/","name":"FEDORA-2022-dc35dd101f","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: containerd-1.6.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/","name":"FEDORA-2022-230f2b024b","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: containerd-1.6.1-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7","name":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7","refsource":"CONFIRM","tags":[],"title":"containerd CRI plugin: Insecure handling of image volumes · Advisory · containerd/containerd · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2022/dsa-5091","name":"DSA-5091","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5091-1 containerd","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html","name":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html","refsource":"MISC","tags":[],"title":"containerd Image Volume Insecure Handling ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/","name":"FEDORA-2022-dc35dd101f","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: containerd-1.6.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70","name":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70","refsource":"MISC","tags":[],"title":"Merge pull request #6607 from dmcgowan/prepare-v1.6.1 · containerd/containerd@10f428d · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/containerd/containerd/releases/tag/v1.6.1","name":"https://github.com/containerd/containerd/releases/tag/v1.6.1","refsource":"MISC","tags":[],"title":"Release containerd 1.6.1 · containerd/containerd · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/containerd/containerd/releases/tag/v1.4.13","name":"https://github.com/containerd/containerd/releases/tag/v1.4.13","refsource":"MISC","tags":[],"title":"Release containerd 1.4.13 · containerd/containerd · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202401-31","name":"GLSA-202401-31","refsource":"","tags":[],"title":"containerd: Multiple Vulnerabilities (GLSA 202401-31) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/","name":"FEDORA-2022-230f2b024b","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: containerd-1.6.1-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/containerd/containerd/releases/tag/v1.5.10","name":"https://github.com/containerd/containerd/releases/tag/v1.5.10","refsource":"MISC","tags":[],"title":"Release containerd 1.5.10 · containerd/containerd · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/","name":"FEDORA-2022-d9c9bf56f6","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: containerd-1.6.1-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-23648","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23648","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"23648","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"23648","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"23648","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"23648","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"23648","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"linuxfoundation","cpe5":"containerd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-23648","qid":"179100","title":"Debian Security Update for containerd (DSA 5091-1)"},{"cve":"CVE-2022-23648","qid":"184412","title":"Debian Security Update for containerd (CVE-2022-23648)"},{"cve":"CVE-2022-23648","qid":"198688","title":"Ubuntu Security Notification for containerd Vulnerability (USN-5311-1)"},{"cve":"CVE-2022-23648","qid":"282510","title":"Fedora Security Update for containerd (FEDORA-2022-230f2b024b)"},{"cve":"CVE-2022-23648","qid":"282511","title":"Fedora Security Update for containerd (FEDORA-2022-dc35dd101f)"},{"cve":"CVE-2022-23648","qid":"353177","title":"Amazon Linux Security Advisory for containerd : ALAS-2022-1568"},{"cve":"CVE-2022-23648","qid":"353178","title":"Amazon Linux Security Advisory for containerd : ALAS2NITRO-ENCLAVES-2022-015"},{"cve":"CVE-2022-23648","qid":"353179","title":"Amazon Linux Security Advisory for containerd : ALAS2DOCKER-2022-015"},{"cve":"CVE-2022-23648","qid":"354449","title":"Amazon Linux Security Advisory for containerd : ALAS2022-2022-032"},{"cve":"CVE-2022-23648","qid":"354710","title":"Amazon Linux Security Advisory for containerd : ALAS2022-2022-210"},{"cve":"CVE-2022-23648","qid":"355261","title":"Amazon Linux Security Advisory for containerd : ALAS2023-2023-079"},{"cve":"CVE-2022-23648","qid":"355317","title":"Amazon Linux Security Advisory for ecs-init, docker, containerd, runc : ALAS2ECS-2022-001"},{"cve":"CVE-2022-23648","qid":"356884","title":"Amazon Linux Security Advisory for containerd : ALAS2ECS-2023-024"},{"cve":"CVE-2022-23648","qid":"502048","title":"Alpine Linux Security Update for containerd"},{"cve":"CVE-2022-23648","qid":"502258","title":"Alpine Linux Security Update for containerd"},{"cve":"CVE-2022-23648","qid":"504646","title":"Alpine Linux Security Update for containerd"},{"cve":"CVE-2022-23648","qid":"6140063","title":"AWS Bottlerocket Security Update for containerd (GHSA-hmxq-qpgg-r69g)"},{"cve":"CVE-2022-23648","qid":"671762","title":"EulerOS Security Update for docker-engine (EulerOS-SA-2022-1825)"},{"cve":"CVE-2022-23648","qid":"671766","title":"EulerOS Security Update for docker-engine (EulerOS-SA-2022-1820)"},{"cve":"CVE-2022-23648","qid":"671778","title":"EulerOS Security Update for docker-engine (EulerOS-SA-2022-1836)"},{"cve":"CVE-2022-23648","qid":"671822","title":"EulerOS Security Update for docker-engine (EulerOS-SA-2022-1860)"},{"cve":"CVE-2022-23648","qid":"673649","title":"EulerOS Security Update for docker-engine (EulerOS-SA-2023-3118)"},{"cve":"CVE-2022-23648","qid":"710846","title":"Gentoo Linux containerd Multiple Vulnerabilities (GLSA 202401-31)"},{"cve":"CVE-2022-23648","qid":"751817","title":"OpenSUSE Security Update for containerd (openSUSE-SU-2022:0720-1)"},{"cve":"CVE-2022-23648","qid":"752133","title":"SUSE Enterprise Linux Security Update for containerd, docker (SUSE-SU-2022:1689-1)"},{"cve":"CVE-2022-23648","qid":"753197","title":"SUSE Enterprise Linux Security Update for containerd (SUSE-SU-2022:0720-1)"},{"cve":"CVE-2022-23648","qid":"900731","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for moby-containerd (8882)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security-advisories@github.com","ID":"CVE-2022-23648","STATE":"PUBLIC","TITLE":"Insecure handling of image volumes in containerd CRI plugin"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"containerd","version":{"version_data":[{"version_value":" < 1.4.13"},{"version_value":">= 1.5.0, < 1.5.10"},{"version_value":">= 1.6.0, < 1.6.1"}]}}]},"vendor_name":"containerd"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue."}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}]},"references":{"reference_data":[{"name":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7","refsource":"CONFIRM","url":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"},{"name":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70","refsource":"MISC","url":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"},{"name":"https://github.com/containerd/containerd/releases/tag/v1.4.13","refsource":"MISC","url":"https://github.com/containerd/containerd/releases/tag/v1.4.13"},{"name":"https://github.com/containerd/containerd/releases/tag/v1.5.10","refsource":"MISC","url":"https://github.com/containerd/containerd/releases/tag/v1.5.10"},{"name":"https://github.com/containerd/containerd/releases/tag/v1.6.1","refsource":"MISC","url":"https://github.com/containerd/containerd/releases/tag/v1.6.1"},{"refsource":"DEBIAN","name":"DSA-5091","url":"https://www.debian.org/security/2022/dsa-5091"},{"refsource":"FEDORA","name":"FEDORA-2022-dc35dd101f","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO/"},{"refsource":"FEDORA","name":"FEDORA-2022-230f2b024b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA/"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html","url":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"},{"refsource":"FEDORA","name":"FEDORA-2022-d9c9bf56f6","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3/"}]},"source":{"advisory":"GHSA-crp2-qrr5-8pq7","discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2022-03-03 14:15:00","lastModifiedDate":"2024-01-31 13:15:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.0","versionEndExcluding":"1.6.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.13","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"23648","Ordinal":"226480","Title":"CVE-2022-23648","CVE":"CVE-2022-23648","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"23648","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}