GHSA-w2j5-3rcx-vx7x
Sysctls applied to containers with host IPC or host network namespaces can affect the host
Blast Radius
github.com/cri-o/cri-o🐹github.com/cri-o/cri-o🐹github.com/cri-o/cri-o🐹github.com/cri-o/cri-o🐹github.com/cri-o/cri-oReal-time download stats are indexed for npm and PyPI packages. This vulnerability affects Go packages — download data is not available via public APIs for these ecosystems.
Description
Impact
Before setting the sysctls for a pod, the pods namespaces must be unshared (created). However, in cases where the pod is using a host network or IPC namespace, a bug in CRI-O caused the namespace creating tool pinns to configure the sysctls of the host. This allows a malicious user to set sysctls on the host, assuming they have access to hostNetwork and hostIPC.
Any CRI-O cluster after CRI-O 1.18 that drops the infra container 1.22 and 1.23 clusters drop infra container by default, and are thus vulnerable by default.
Patches
CRI-O versions 1.24.0, 1.23.1, 1.22.2, 1.21.5, 1.20.6, 1.19.5 all have the patches.
Workarounds
Users can set manage_ns_lifecycle to false, which causes the sysctls to be configured by the OCI runtime, which typically filter these cases. This option is available in 1.20 and 1.19. Newer versions don't have this option.
An admission webhook could also be created to deny pods that use host IPC or network namespaces and also attempt to configure sysctls related to that namespace.
For more information
If you have any questions or comments about this advisory:
- Open an issue in the CRI-O repo
- To make a report, email your vulnerability to the private [email protected] list with the security details and the details expected for all CRI-O bug reports.
Affected Packages
| Ecosystem | Package | Vulnerable range | Fix |
|---|---|---|---|
| 🐹Go | github.com/cri-o/cri-o | ≥ 1.23.0&&< 1.23.1 | 1.23.1 |
| 🐹Go | github.com/cri-o/cri-o | ≥ 1.22.0&&< 1.22.2 | 1.22.2 |
| 🐹Go | github.com/cri-o/cri-o | ≥ 1.21.0&&< 1.21.5 | 1.21.5 |
| 🐹Go | github.com/cri-o/cri-o | ≥ 1.20.0&&< 1.20.6 | 1.20.6 |
| 🐹Go | github.com/cri-o/cri-o | ≥ 1.18.0&&< 1.19.5 | 1.19.5 |
Detection & mitigation playbook
Open-source dependencyDetect
Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for github.com/cri-o/cri-o. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.
Fix
Update github.com/cri-o/cri-o to 1.23.1 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-w2j5-3rcx-vx7x is resolved across your whole dependency graph.
Workarounds
If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.
How O3 protects you
O3 pinpoints whether GHSA-w2j5-3rcx-vx7x is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.
Tailored to GHSA-w2j5-3rcx-vx7x. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.
Frequently Asked Questions
Is GHSA-w2j5-3rcx-vx7x in your dependencies?
O3 detects GHSA-w2j5-3rcx-vx7x across Go dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.