A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
History
07 Nov 2023, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | | |
22 Jul 2022, 10:32
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:* |
First Time | Redhat developer Tools | |
14 May 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
13 May 2022, 12:20
Type | Values Removed | Values Added |
---|---|---|
First Time | Fedoraproject; Redhat enterprise Linux For Ibm Z Systems Eus; Redhat enterprise Linux Eus; Redhat enterprise Linux Server Tus; Fedoraproject fedora; Redhat enterprise Linux For Ibm Z Systems; Redhat enterprise Linux Server Update Services For Sap Solutions; Redhat enterprise Linux For Power Little Endian Eus; Redhat enterprise Linux For Power Little Endian; Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions; Redhat enterprise Linux Server Aus | |
CPE | cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/ - Mailing List, Third Party Advisory |
07 May 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
29 Apr 2022, 09:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
13 Apr 2022, 17:07
Type | Values Removed | Values Added |
---|---|---|
First Time | Podman Project; Redhat enterprise Linux; Podman Project podman; Redhat openshift Container Platform; Redhat | |
CWE | CWE-276 | |
References | (MISC) https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j - Third Party Advisory | |
References | (MISC) https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0 - Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2066568 - Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:* |
CVSS | v2 : v3 : | v2 : 6.0 v3 : 7.5 |
04 Apr 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-04 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-27649
Mitre link : CVE-2022-27649
CVE.ORG link : CVE-2022-27649
Products Affected
redhat
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server_update_services_for_sap_solutions
- enterprise_linux_for_ibm_z_systems
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_tus
- enterprise_linux_for_ibm_z_systems_eus
- developer_tools
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- openshift_container_platform
- enterprise_linux_eus
- enterprise_linux_for_power_little_endian
fedoraproject
- fedora
podman_project
- podman
CWE
CWE-276
Incorrect Default Permissions