CVE-2022-23471: containerd CRI stream server vulnerable to host memory exhaustion via terminal

CVSS Score (v3.1): 5.7

Basic Information

EPSS Score: 0.42264%
Published: 12/7/2022
Updated: 1/31/2024
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| github.com/containerd/containerd | go | < 1.5.16 | 1.5.16 |
| github.com/containerd/containerd | go | >= 1.6.0, < 1.6.12 | 1.6.12 |

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability stems from two key functions: 1) `handleResizeEvents` lacked context-aware termination, leaving orphaned goroutines when container processes failed to start. 2) `createStreams` started these goroutines without proper context propagation. The patch adds context handling in both locations: passing `req.Context()` to `handleResizeEvents` in `createStreams`, and implementing context cancellation checks in the `select` statement of `handleResizeEvents`. The commit diff and CVE description directly correlate to these code paths managing terminal resize event handling and goroutine lifecycle.
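The leak and the context-based fix described above, reduced to a self-contained Go model. This is an added example, not containerd's code: `TermSize`, `resize`, `leakyLoop`, `ctxLoop` and `exitsAfterCancel` are hypothetical names, and the failed process start is simulated by never closing the event channel.

```go
package main

import (
	"context"
	"fmt"
	"time"
)

type TermSize struct{ Width, Height uint16 } // hypothetical resize event
func resize(TermSize)                     {} // hypothetical handler (no-op here)

// leakyLoop models the pre-patch shape: it returns only when events is closed.
func leakyLoop(_ context.Context, events <-chan TermSize) {
	for ev := range events {
		resize(ev)
	}
}

// ctxLoop models the patched shape: the select also watches ctx.Done().
func ctxLoop(ctx context.Context, events <-chan TermSize) {
	for {
		select {
		case ev, ok := <-events:
			if !ok {
				return
			}
			resize(ev)
		case <-ctx.Done(): // request ended: stop waiting for resize events
			return
		}
	}
}

// exitsAfterCancel reports whether loop ends once the request context is cancelled.
func exitsAfterCancel(loop func(context.Context, <-chan TermSize)) bool {
	ctx, cancel := context.WithCancel(context.Background())
	events, done := make(chan TermSize), make(chan struct{}) // events is never closed
	go func() { loop(ctx, events); close(done) }()
	cancel()
	select {
	case <-done:
		return true
	case <-time.After(200 * time.Millisecond):
		return false
	}
}

func main() {
	fmt.Println("leaky:", exitsAfterCancel(leakyLoop), "ctx:", exitsAfterCancel(ctxLoop))
}
```

Each request that hits the leaky shape leaves one goroutine blocked for the life of the daemon, which is how repeated requests add up to host memory exhaustion.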

WAF Protection Rules

WAF Rule

### Impact

A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to laun
