ALT-PU-2022-1658-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
- https://bugzilla.redhat.com/show_bug.cgi?id=2070368
- https://bugzilla.redhat.com/show_bug.cgi?id=2070368
- https://github.com/containers/podman/issues/10941
- https://github.com/containers/podman/issues/10941
- FEDORA-2022-5e637f6cc6
- FEDORA-2022-5e637f6cc6
- https://security.netapp.com/advisory/ntap-20240628-0001/
- https://security.netapp.com/advisory/ntap-20240628-0001/
Modified: 2024-11-21
CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
- https://bugzilla.redhat.com/show_bug.cgi?id=2066568
- https://bugzilla.redhat.com/show_bug.cgi?id=2066568
- https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0
- https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0
- https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j
- https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j
- FEDORA-2022-2067702f06
- FEDORA-2022-2067702f06
- FEDORA-2022-5e637f6cc6
- FEDORA-2022-5e637f6cc6
- FEDORA-2022-c87047f163
- FEDORA-2022-c87047f163