{"id":49978,"date":"2022-04-04T09:00:56","date_gmt":"2022-04-04T00:00:56","guid":{"rendered":"https:\/\/www.creationline.com\/?p=49978"},"modified":"2022-03-30T18:40:18","modified_gmt":"2022-03-30T09:40:18","slug":"cve-2022-0811%ef%bc%9acri-o%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7%e3%81%ab%e3%82%88%e3%82%8a%e3%80%81%e3%82%b3%e3%83%b3%e3%83%86%e3%83%8a%e3%82%a8%e3%82%b9%e3%82%b1%e3%83%bc%e3%83%97%e3%81%ae%e5%8f%af","status":"publish","type":"post","link":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978","title":{"rendered":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua  #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s"},"content":{"rendered":"<p>\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c<a href=\"https:\/\/blog.aquasec.com\/cve-2022-0811-cri-o-vulnerability\" rel=\"nofollow noopener noreferrer\" target=\"_blank\"> CVE-2022-0811: CRI-O Vulnerability Could Allow Container Escape <\/a>\u300d\u306e\u65e5\u672c\u8a9e\u7ffb\u8a33\u3067\u3059\u3002<\/p>\n<p><center><img loading=\"lazy\" decoding=\"async\" src=\"\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913-1024x493.png\" alt=\"\" width=\"1024\" height=\"493\" class=\"alignnone size-large wp-image-49979\" srcset=\"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913-1024x493.png 1024w, https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913-360x173.png 360w, https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913-768x370.png 768w, https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png 1299w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/center><\/p>\n<h2>CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027<\/h2>\n<hr \/>\n<p>\u30b3\u30f3\u30c6\u30ca\u30e9\u30f3\u30bf\u30a4\u30e0\u30c4\u30fc\u30eb\u300cCRI-O\u300d\u306b\u65b0\u305f\u306a\u8106\u5f31\u6027\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u540c\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3092\u4f7f\u7528\u3059\u308b Kubernetes \u3084 OpenShift \u30af\u30e9\u30b9\u30bf\u30fc\u3067 Pod \u3092\u4f5c\u6210\u3067\u304d\u308b\u653b\u6483\u8005\u306f\u3001\u57fa\u76e4\u3068\u306a\u308b\u30af\u30e9\u30b9\u30bf\u30fc\u30ce\u30fc\u30c9\u306b\u4fb5\u5165\u3057\u3001\u4e8b\u5b9f\u4e0a\u7279\u6a29\u306b\u6607\u683c\u3067\u304d\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u554f\u984c\u306b\u5bfe\u51e6\u3059\u308b\u6700\u5584\u306e\u65b9\u6cd5\u306f\u3001\u3053\u308c\u307e\u3067\u3068\u540c\u69d8\u306b\u3001\u9069\u5207\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u3067\u3059\u3002\u30d1\u30c3\u30c1\u304c\u9069\u7528\u3055\u308c\u308b\u307e\u3067\u306e\u9593\u3001\u3053\u306e\u554f\u984c\u3092\u60aa\u7528\u3057\u305f\u653b\u6483\u3092\u8efd\u6e1b\u3059\u308b\u305f\u3081\u306b\u3001\u4ed6\u306b\u3044\u304f\u3064\u304b\u306e\u5bfe\u7b56\u3092\u8b1b\u3058\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<h3>\u6280\u8853\u7684\u30d0\u30c3\u30af\u30b0\u30e9\u30a6\u30f3\u30c9<\/h3>\n<p><a href=\"https:\/\/www.crowdstrike.com\/blog\/cr8escape-new-vulnerability-discovered-in-cri-o-container-engine-cve-2022-0811\/\" rel=\"noopener\" target=\"_blank\">\u3053\u306e\u554f\u984c\u306b\u95a2\u3059\u308b\u30aa\u30ea\u30b8\u30ca\u30eb\u306e\u6295\u7a3f<\/a>\u306f\u3001\u3069\u306e\u3088\u3046\u306b\u60aa\u7528\u3055\u308c\u308b\u304b\u3092\u793a\u3059\u518d\u73fe\u6027\u306e\u3042\u308b\u6982\u5ff5\u5b9f\u8a3c\u3092\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002\u3055\u3089\u306b\u3001\u7814\u7a76\u8005\u306f\u3001\u3053\u306e\u554f\u984c\u3092\u5229\u7528\u3057\u3066\u3001<a href=\"https:\/\/twitter.com\/christophetd\/status\/1504082333590294531\" rel=\"noopener\" target=\"_blank\">\u8106\u5f31\u306a\u30af\u30e9\u30b9\u30bf\u30fc\u30ce\u30fc\u30c9\u3092\u5b8c\u5168\u306b\u60aa\u7528\u3059\u308b\u65b9\u6cd5<\/a>\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u57fa\u672c\u7684\u306b\u3001\u3053\u306e\u8106\u5f31\u6027\u306f Kubernetes \u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u306e sysctls \u30bb\u30af\u30b7\u30e7\u30f3\u306b\u6e21\u3055\u308c\u305f\u30d1\u30e9\u30e1\u30fc\u30bf\u304c\u3001\u5341\u5206\u306a\u691c\u8a3c\u3092\u305b\u305a\u30b5\u30dd\u30fc\u30c8\u30e6\u30fc\u30c6\u30a3\u30ea\u30c6\u30a3\u3078\u6e21\u3055\u308c\u308b\u65b9\u6cd5\u306b\u8d77\u56e0\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u691c\u8a3c\u306e\u6b20\u5982\u306b\u3088\u308a\u3001\u653b\u6483\u8005\u306f\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u3092\u53ef\u80fd\u306b\u3059\u308b\u65b9\u6cd5\u3067\u3001\u4ed6\u306e\u30b7\u30b9\u30c6\u30e0\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u5909\u66f4\u3067\u304d\u307e\u3059\u3002<\/p>\n<h3>AdmissionControll\u3092\u7de9\u548c\u7b56\u3068\u3057\u3066\u6d3b\u7528<\/h3>\n<p>\u8106\u5f31\u6027\u306e\u8a18\u8ff0\u304b\u3089\u3001\u3053\u306e\u554f\u984c\u304c\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u65b9\u6cd5\u306f\u3001\u653b\u6483\u8005\u304c\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u306b\u30ab\u30b9\u30bf\u30e0 sysctls \u306e\u5024\u3092\u8a2d\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/blog.aquasec.com\/hs-fs\/hubfs\/custom-sysctls-set-in-attacker-manifest.jpg?width=1125&name=custom-sysctls-set-in-attacker-manifest.jpg\" alt=\"\" \/><\/center><\/p>\n<p>\u305d\u306e\u305f\u3081\u3001Kubernetes \u30ec\u30d9\u30eb\u3067\u306e\u7de9\u548c\u7b56\u304c\u3044\u304f\u3064\u304b\u8003\u3048\u3089\u308c\u307e\u3059\u3002\u30af\u30e9\u30b9\u30bf\u30fc\u5185\u3067\u5b9f\u884c\u3055\u308c\u3066\u3044\u308b\u30ef\u30fc\u30af\u30ed\u30fc\u30c9\u304c\u30ab\u30b9\u30bf\u30e0 sysctl \u3092\u8a2d\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u306a\u3044\u5834\u5408\u3001\u305d\u308c\u3089\u3092\u8a2d\u5b9a\u3057\u3088\u3046\u3068\u3059\u308b\u8a66\u307f\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u3053\u3068\u3067\u3001\u60aa\u7528\u30d9\u30af\u30c8\u30eb\u3092\u30d6\u30ed\u30c3\u30af\u3067\u304d\u307e\u3059\u3002\u30ab\u30b9\u30bf\u30e0 sysctls \u304c\u5fc5\u8981\u306a\u5834\u5408\u3001\u5225\u306e\u30a2\u30d7\u30ed\u30fc\u30c1(\u305f\u3060\u3057\u3001\u3088\u308a\u8907\u96d1\u3067\u8106\u3044\u53ef\u80fd\u6027\u304c\u3042\u308b)\u3068\u3057\u3066\u3001\u7279\u5b9a\u306e\u30d5\u30a3\u30fc\u30eb\u30c9\u306e\u30ad\u30fc\u6587\u5b57(+\u3068=)\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u3053\u3068\u3092\u8a66\u307f\u308b\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u6700\u521d\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306f\u3001\u9650\u5b9a\u7684\u307e\u305f\u306f\u5168\u304f\u30ab\u30b9\u30bf\u30e0\u30dd\u30ea\u30b7\u30fc\u3092\u8a18\u8ff0\u3059\u308b\u5fc5\u8981\u304c\u306a\u3044\u305f\u3081\u3001\u30d1\u30c3\u30c1\u306e\u5c55\u958b\u4e2d\u306b\u8fc5\u901f\u306a\u4fee\u6b63\u3068\u3057\u3066\u5b9f\u88c5\u3059\u308b\u306e\u304c\u6700\u3082\u7c21\u5358\u3067\u3057\u3087\u3046\u3002\u305f\u3060\u3057\u3001\u73fe\u5728\u30af\u30e9\u30b9\u30bf\u30fc\u306b\u914d\u5099\u3055\u308c\u3066\u3044\u308b\u30ef\u30fc\u30af\u30ed\u30fc\u30c9\u304c\u3053\u306e\u6a5f\u80fd\u3092\u4f7f\u7528\u3057\u3066\u3044\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306b\u3001\u6ce8\u610f\u3092\u6255\u3046\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u4eba\u6c17\u306e\u3042\u308b\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e AdmissionController \u3092\u898b\u308b\u3068\u3001\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u306e\u3053\u306e\u9818\u57df\u3092\u898b\u308b\u30dd\u30ea\u30b7\u30fc\u304c\u65e2\u306b\u5b58\u5728\u3057\u3066\u3044\u308b\u3068\u308f\u304b\u308a\u307e\u3059\u3002<\/p>\n<p>OPA \u306e\u5834\u5408\u3001<a href=\"https:\/\/github.com\/open-policy-agent\/gatekeeper-library\/tree\/master\/library\/pod-security-policy\/forbidden-sysctls\" rel=\"noopener\" target=\"_blank\">gatekeeper-library<\/a> \u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u3001\u30ab\u30b9\u30bf\u30e0 sysctl \u306e\u8a2d\u5b9a\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3067\u304d\u308b\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u3092\u9069\u7528\u3057\u3001\u3059\u3079\u3066\u306e\u30ab\u30b9\u30bf\u30e0 sysctl \u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u5236\u7d04\u3092\u4f5c\u6210\u3059\u308b\u3053\u3068\u3067\u3001\u4fdd\u8b77\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<div data-hs-responsive-table=\"true\" style=\"overflow-x: auto; max-width: 100%; width: 100%; margin-left: auto; margin-right: auto;\">\n<table style=\"width: 100%; border-collapse: collapse; table-layout: fixed; border: 1px solid #99acc2; border-width: 0px; border-style: none;\">\n<tbody>\n<tr>\n<td style=\"width: 100%; padding: 4px; background-color: #ebf3fa;\">\n<p style=\"font-size: 18px;\"><span style=\"font-family: 'Courier New', Courier, monospace;\">apiVersion: constraints.gatekeeper.sh\/v1beta1<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">kind: K8sPSPForbiddenSysctls<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">metadata:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp; name: psp-forbidden-sysctls<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">spec:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp; match:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\"><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp; kinds:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp;&nbsp; - apiGroups: [\"\"]<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; kinds: [\"Pod\"]<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp; parameters:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp; forbiddenSysctls:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp; - \"*\"<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>exploit \u30d6\u30ed\u30b0\u306b\u63b2\u8f09\u3055\u308c\u3066\u3044\u308b\u30b5\u30f3\u30d7\u30eb\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092\u9069\u7528\u3057\u3066\u307f\u308b\u3068\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u7d50\u679c\u304c\u51fa\u529b\u3055\u308c\u307e\u3059\u3002<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/blog.aquasec.com\/hs-fs\/hubfs\/OPA-Blocking-exploit.jpg?width=1125&name=OPA-Blocking-exploit.jpg\" alt=\"\" \/><\/center><\/p>\n<p>Kubernetes AdmissionControll \u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3068\u3057\u3066\u3001<a href=\"https:\/\/kyverno.io\/\" rel=\"noopener\" target=\"_blank\">Kyverno<\/a> \u3082\u3088\u304f\u77e5\u3089\u308c\u3066\u3044\u307e\u3059\u3002\u30dd\u30ea\u30b7\u30fc\u30e9\u30a4\u30d6\u30e9\u30ea\u3092\u898b\u308b\u3068\u3001\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u306b\u8f09\u3063\u3066\u3044\u306a\u3044 sysctl \u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b<a href=\"https:\/\/kyverno.io\/policies\/pod-security\/baseline\/restrict-sysctls\/restrict-sysctls\/\" rel=\"noopener\" target=\"_blank\">\u30b5\u30f3\u30d7\u30eb\u30dd\u30ea\u30b7\u30fc<\/a>\u3082\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3059\u3002\u3059\u3079\u3066\u306e sysctl \u3092\u30d6\u30ed\u30c3\u30af\u3057\u3088\u3046\u3068\u3059\u308b\u305f\u3081\u3001\u3042\u307e\u308a\u5b9f\u7528\u7684\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u304c\u3001\u3053\u308c\u3092\u4fee\u6b63\u3059\u308b\u306e\u306f\u7c21\u5358\u3067\u3059\u3002\u30d1\u30bf\u30fc\u30f3\u30bb\u30af\u30b7\u30e7\u30f3\u3092\u6b21\u306e\u3088\u3046\u306b\u5909\u66f4\u3059\u308b\u3060\u3051\u3067\u3059\u3002<\/p>\n<div data-hs-responsive-table=\"true\" style=\"overflow-x: auto; max-width: 100%; width: 100%; margin-left: auto; margin-right: auto;\">\n<table style=\"width: 100%; border-collapse: collapse; table-layout: fixed; border: 1px solid #99acc2; border-width: 0px; border-style: none;\">\n<tbody>\n<tr>\n<td style=\"width: 100%; padding: 4px; background-color: #ebf3fa;\">\n<p style=\"font-size: 18px;\">&nbsp;&nbsp;&nbsp;<span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp; pattern:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; spec:<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =(securityContext):<br \/><\/span><span style=\"font-family: 'Courier New', Courier, monospace;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; X(sysctls): \"null\"<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>\u3053\u306e\u3088\u3046\u306b\u3001\u30ab\u30b9\u30bf\u30e0\u306e sysctl \u3092\u4f7f\u7528\u3059\u308b\u3059\u3079\u3066\u306b\u4e00\u81f4\u3055\u305b\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30d6\u30ed\u30c3\u30af\u3059\u308b\u305f\u3081\u306b\u306f\u3001validationFailureAction \u3082 enforce \u306b\u5909\u66f4\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30af\u30e9\u30b9\u30bf\u30fc\u307e\u305f\u306f\u7279\u5b9a\u306e Namespace \u30ec\u30d9\u30eb\u306b\u9069\u7528\u3055\u308c\u305f\u3053\u306e\u30dd\u30ea\u30b7\u30fc\u3067\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092\u9069\u7528\u3057\u3088\u3046\u3068\u3059\u308b\u3068\u3001\u30dd\u30ea\u30b7\u30fc\u306b\u3088\u3063\u3066\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305f\u3053\u3068\u3092\u793a\u3059\u30a8\u30e9\u30fc\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/blog.aquasec.com\/hs-fs\/hubfs\/Kyverno-blocking-exploit.jpg?width=1275&name=Kyverno-blocking-exploit.jpg\" alt=\"\" \/><\/center><\/p>\n<h2>\u307e\u3068\u3081<\/h2>\n<hr \/>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306f\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u3092\u53ef\u80fd\u306b\u3059\u308b\u6700\u8fd1\u306e\u3044\u304f\u3064\u304b\u306e\u554f\u984c\u306e\u3046\u3061\u306e1\u3064\u3067\u3059\u3002\u4ed6\u306e\u3044\u304f\u3064\u304b\u306e\u554f\u984c\u3068\u540c\u69d8\u306b\u3001\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u307e\u3067\u306e\u9593\u3001\u60aa\u7528\u306e\u53ef\u80fd\u6027\u3092\u4f4e\u6e1b\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3067\u304d\u308b\u4fdd\u8b77\u624b\u6bb5\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>Kubernetes \u3084 OpenShift \u306e\u3088\u3046\u306a\u8907\u96d1\u306a\u74b0\u5883\u3067\u306f\u3001\u591a\u5c64\u9632\u5fa1\u3057\u3001\u3069\u3053\u3067\u7de9\u548c\u7b56\u3092\u9069\u7528\u3067\u304d\u308b\u304b\u3092\u7406\u89e3\u3059\u308b\u3053\u3068\u304c\u91cd\u8981\u3067\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d1\u30c3\u30c1\u306e\u7dca\u6025\u5c55\u958b\u306e\u5fc5\u8981\u6027\u3092\u4f4e\u6e1b\u3057\u3001\u904b\u7528\u30c1\u30fc\u30e0\u306b\u30b7\u30b9\u30c6\u30e0\u306e\u904b\u7528\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306e\u30c6\u30b9\u30c8\u306e\u6642\u9593\u3092\u78ba\u4fdd\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n<p><center>\n\t\t<!--HubSpot Call-to-Action Code -->\n\t\t<span class=\"hs-cta-wrapper\" id=\"hs-cta-wrapper-fecc193b-bbc5-40d2-9588-ed7b022af3aa\">\n\t\t<span class=\"hs-cta-node hs-cta-fecc193b-bbc5-40d2-9588-ed7b022af3aa\" id=\"fecc193b-bbc5-40d2-9588-ed7b022af3aa\">\n\t\t<!--[if lte IE 8]>\n\t\t<div id=\"hs-cta-ie-element\"><\/div>\n\t\t<![endif]-->\n\t\t<a href=\"https:\/\/cta-redirect.hubspot.com\/cta\/redirect\/6168413\/fecc193b-bbc5-40d2-9588-ed7b022af3aa\" >\n\t\t<img decoding=\"async\" class=\"hs-cta-img\" id=\"hs-cta-img-fecc193b-bbc5-40d2-9588-ed7b022af3aa\" style=\"border-width:0px;\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/6168413\/fecc193b-bbc5-40d2-9588-ed7b022af3aa.png\"  alt=\"New call-to-action\"\/>\n\t\t<\/a>\n\t\t<\/span>\n\t\t<script charset=\"utf-8\" src=\"\/\/js.hubspot.com\/cta\/current.js\"><\/script>\n\t\t<script>\n\t\thbspt.cta.load(6168413, 'fecc193b-bbc5-40d2-9588-ed7b022af3aa', {});\n\t\t<\/script>\n\t\t<\/span>\n\t\t<!-- end HubSpot Call-to-Action Code -->\n\t\t<\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O Vulnerability Could Allow Container Escape  [&#8230;]<\/p>\n","protected":false},"author":56,"featured_media":49979,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[176,122],"tags":[174,152,632,631,286,560,358],"class_list":["post-49978","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aquasecurity","category-kubernetes","tag-aqua","tag-aquasecurity","tag-crio","tag-cve20220811","tag-286","tag-560","tag-358"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3<\/title>\n<meta name=\"description\" content=\"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\" \/>\n<meta property=\"og:description\" content=\"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978\" \/>\n<meta property=\"og:site_name\" content=\"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/creationline\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-04T00:00:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1299\" \/>\n\t<meta property=\"og:image:height\" content=\"625\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kent Magruder\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@creationline\" \/>\n<meta name=\"twitter:site\" content=\"@creationline\" \/>\n<meta name=\"twitter:label1\" content=\"\u57f7\u7b46\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kent Magruder\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"1\u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978\"},\"author\":{\"name\":\"Kent Magruder\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/2dfcdde19e3b7cb7da7c9ae23e1b7717\"},\"headline\":\"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s\",\"datePublished\":\"2022-04-04T00:00:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978\"},\"wordCount\":146,\"image\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/02dfe9d845f4ad72295a0bb717f70913.png\",\"keywords\":[\"aqua\",\"AquaSecurity\",\"crio\",\"cve20220811\",\"\u30b3\u30f3\u30c6\u30ca\",\"\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\",\"\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\"],\"articleSection\":[\"AquaSecurity\",\"Kubernetes\"],\"inLanguage\":\"ja\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978\",\"name\":\"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/02dfe9d845f4ad72295a0bb717f70913.png\",\"datePublished\":\"2022-04-04T00:00:56+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/2dfcdde19e3b7cb7da7c9ae23e1b7717\"},\"description\":\"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#primaryimage\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/02dfe9d845f4ad72295a0bb717f70913.png\",\"contentUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/02dfe9d845f4ad72295a0bb717f70913.png\",\"width\":1299,\"height\":625},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\\\/49978#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"HOME\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AquaSecurity\",\"item\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cloudnative\\\/aquasecurity\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#website\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/\",\"name\":\"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3\",\"description\":\"\u30a2\u30b8\u30e3\u30a4\u30eb\uff06DevOps\u3001\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u3001AI\uff06LLM\u306e\u5148\u7aef\u6280\u8853\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ja\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/#\\\/schema\\\/person\\\/2dfcdde19e3b7cb7da7c9ae23e1b7717\",\"name\":\"Kent Magruder\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/avatar.png\",\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/avatar.png\",\"contentUrl\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/cms_x3GWkuX\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/avatar.png\",\"caption\":\"Kent Magruder\"},\"url\":\"https:\\\/\\\/www.creationline.com\\\/tech-blog\\\/author\\\/k-magruder\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","description":"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978","og_locale":"ja_JP","og_type":"article","og_title":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","og_description":"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O","og_url":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978","og_site_name":"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","article_publisher":"https:\/\/www.facebook.com\/creationline","article_published_time":"2022-04-04T00:00:56+00:00","og_image":[{"width":1299,"height":625,"url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png","type":"image\/png"}],"author":"Kent Magruder","twitter_card":"summary_large_image","twitter_creator":"@creationline","twitter_site":"@creationline","twitter_misc":{"\u57f7\u7b46\u8005":"Kent Magruder","\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"1\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#article","isPartOf":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978"},"author":{"name":"Kent Magruder","@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/2dfcdde19e3b7cb7da7c9ae23e1b7717"},"headline":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s","datePublished":"2022-04-04T00:00:56+00:00","mainEntityOfPage":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978"},"wordCount":146,"image":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#primaryimage"},"thumbnailUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png","keywords":["aqua","AquaSecurity","crio","cve20220811","\u30b3\u30f3\u30c6\u30ca","\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7","\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3"],"articleSection":["AquaSecurity","Kubernetes"],"inLanguage":"ja"},{"@type":"WebPage","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978","url":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978","name":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s - Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","isPartOf":{"@id":"https:\/\/www.creationline.com\/tech-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#primaryimage"},"image":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#primaryimage"},"thumbnailUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png","datePublished":"2022-04-04T00:00:56+00:00","author":{"@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/2dfcdde19e3b7cb7da7c9ae23e1b7717"},"description":"AquaSecurity, Kubernetes |\u672c\u30d6\u30ed\u30b0\u306f\u300cAqua Security\u300d\u793e\u306e\u6280\u8853\u30d6\u30ed\u30b0\u30672022\u5e743\u670817\u65e5\u306b\u516c\u958b\u3055\u308c\u305f\u300c CVE-2022-0811: CRI-O","breadcrumb":{"@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#primaryimage","url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png","contentUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2022\/03\/02dfe9d845f4ad72295a0bb717f70913.png","width":1299,"height":625},{"@type":"BreadcrumbList","@id":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity\/49978#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"HOME","item":"https:\/\/www.creationline.com\/tech-blog"},{"@type":"ListItem","position":2,"name":"\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6","item":"https:\/\/www.creationline.com\/tech-blog\/cloudnative"},{"@type":"ListItem","position":3,"name":"AquaSecurity","item":"https:\/\/www.creationline.com\/tech-blog\/cloudnative\/aquasecurity"},{"@type":"ListItem","position":4,"name":"CVE-2022-0811\uff1aCRI-O\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u306e\u53ef\u80fd\u6027 #aqua #\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 #\u30b3\u30f3\u30c6\u30ca #cve20220811 #crio #\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7 #k8s"}]},{"@type":"WebSite","@id":"https:\/\/www.creationline.com\/tech-blog\/#website","url":"https:\/\/www.creationline.com\/tech-blog\/","name":"Tech Blog\uff5c\u30af\u30ea\u30a8\u30fc\u30b7\u30e7\u30f3\u30e9\u30a4\u30f3","description":"\u30a2\u30b8\u30e3\u30a4\u30eb\uff06DevOps\u3001\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u3001AI\uff06LLM\u306e\u5148\u7aef\u6280\u8853","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.creationline.com\/tech-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/www.creationline.com\/tech-blog\/#\/schema\/person\/2dfcdde19e3b7cb7da7c9ae23e1b7717","name":"Kent Magruder","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2021\/12\/avatar.png","url":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2021\/12\/avatar.png","contentUrl":"https:\/\/www.creationline.com\/tech-blog\/cms_x3GWkuX\/wp-content\/uploads\/2021\/12\/avatar.png","caption":"Kent Magruder"},"url":"https:\/\/www.creationline.com\/tech-blog\/author\/k-magruder"}]}},"_links":{"self":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/49978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/comments?post=49978"}],"version-history":[{"count":10,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/49978\/revisions"}],"predecessor-version":[{"id":50106,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/posts\/49978\/revisions\/50106"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/media\/49979"}],"wp:attachment":[{"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/media?parent=49978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/categories?post=49978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.creationline.com\/tech-blog\/wp-json\/wp\/v2\/tags?post=49978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}