Merge pull request #4303 from ranjitsinhrathod1991/fix-CVE-2022-47952

Patching an incoming CVE (CVE-2022-47952)

src/lxc/cmd/lxc_user_nic.c

@@ -1085,20 +1085,17 @@ int main(int argc, char *argv[])
 	} else if (request == LXC_USERNIC_DELETE) {
 		char opath[LXC_PROC_PID_FD_LEN];
 
-		/* Open the path with O_PATH which will not trigger an actual
-		 * open(). Don't report an errno to the caller to not leak
-		 * information whether the path exists or not.
-		 * When stracing setuid is stripped so this is not a concern
-		 * either.
-		 */
+		// Keep in mind CVE-2022-47952: It's crucial not to leak any
+		// information whether open() succeeded of failed.
+
 		netns_fd = open(args.pid, O_PATH | O_CLOEXEC);
 		if (netns_fd < 0) {
-			usernic_error("Failed to open \"%s\"\n", args.pid);
+			usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
 			_exit(EXIT_FAILURE);
 		}
 
 		if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) {
-			usernic_error("Path \"%s\" does not refer to a network namespace path\n", args.pid);
+			usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
 			close(netns_fd);
 			_exit(EXIT_FAILURE);
 		}
@@ -1112,7 +1109,7 @@ int main(int argc, char *argv[])
 		/* Now get an fd that we can use in setns() calls. */
 		ret = open(opath, O_RDONLY | O_CLOEXEC);
 		if (ret < 0) {
-			CMD_SYSERROR("Failed to open \"%s\"\n", args.pid);
+			CMD_SYSERROR("Failed while opening netns file for \"%s\"\n", args.pid);
 			close(netns_fd);
 			_exit(EXIT_FAILURE);
 		}