Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-2990 (GCVE-0-2022-2990)
Vulnerability from cvelistv5 – Published: 2022-09-13 13:44 – Updated: 2024-08-03 00:53
VLAI?
EPSS
Summary
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:53:00.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "buildah",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "no fixed version known"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-842",
"description": "CWE-842",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-13T13:44:21",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2990",
"datePublished": "2022-09-13T13:44:21",
"dateReserved": "2022-08-25T00:00:00",
"dateUpdated": "2024-08-03T00:53:00.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2990
Vulnerability from osv_almalinux
Published
2022-11-15 00:00
Modified
2022-11-18 05:11
Summary
Moderate: buildah security and bug fix update
Details
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
Security Fix(es):
- containers/storage: DoS via malicious image (CVE-2021-20291)
- golang: net: lookup functions may return invalid host names (CVE-2021-33195)
- golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
- golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
- golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
- podman: possible information disclosure and modification (CVE-2022-2989)
- buildah: possible information disclosure and modification (CVE-2022-2990)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "buildah"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.27.0-2.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "buildah-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.27.0-2.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n* podman: possible information disclosure and modification (CVE-2022-2989)\n* buildah: possible information disclosure and modification (CVE-2022-2990)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2022:8008",
"modified": "2022-11-18T05:11:27Z",
"published": "2022-11-15T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:8008"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-20291"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33198"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-27191"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2990"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/1939485"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/1989564"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/1989570"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/1989575"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2064702"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121445"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121453"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2022-8008.html"
}
],
"related": [
"CVE-2021-20291",
"CVE-2021-33195",
"CVE-2021-33197",
"CVE-2021-33198",
"CVE-2022-27191",
"CVE-2022-2989",
"CVE-2022-2990"
],
"summary": "Moderate: buildah security and bug fix update"
}
CVE-2022-2990
Vulnerability from osv_almalinux
Published
2022-11-15 00:00
Modified
2023-09-15 13:41
Summary
Low: podman security, bug fix, and enhancement update
Details
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
- podman: possible information disclosure and modification (CVE-2022-2989)
- buildah: possible information disclosure and modification (CVE-2022-2990)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- (podman image trust) does not support the new trust type "sigstoreSigned " (BZ#2120436)
- dnf-update broken for podman/catatonit (BZ#2123319)
- podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ (BZ#2123905)
- podman kill may deadlock [AlmaLinux 9.1] (BZ#2124716)
- containers config.json gets empty after sudden power loss (BZ#2136278)
- PANIC podman API service endpoint handler panic (BZ#2136287)
Enhancement(s):
- Podman volume plugin timeout should be configurable [almalinux-9.1.0 Z] (BZ#2124676)
- [RFE]Podman support to perform custom actions on unhealthy containers (BZ#2136281)
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-catatonit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-gvproxy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-remote"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "podman-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.2.0-7.el9_1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* podman: possible information disclosure and modification (CVE-2022-2989)\n* buildah: possible information disclosure and modification (CVE-2022-2990)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* (podman image trust) does not support the new trust type \"sigstoreSigned \" (BZ#2120436)\n* dnf-update broken for podman/catatonit (BZ#2123319)\n* podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ (BZ#2123905)\n* podman kill may deadlock [AlmaLinux 9.1] (BZ#2124716)\n* containers config.json gets empty after sudden power loss (BZ#2136278)\n* PANIC podman API service endpoint handler panic (BZ#2136287)\n\nEnhancement(s):\n\n* Podman volume plugin timeout should be configurable [almalinux-9.1.0 Z] (BZ#2124676)\n* [RFE]Podman support to perform custom actions on unhealthy containers (BZ#2136281)",
"id": "ALSA-2022:8431",
"modified": "2023-09-15T13:41:48Z",
"published": "2022-11-15T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:8431"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2990"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121445"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121453"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2022-8431.html"
}
],
"related": [
"CVE-2022-2989",
"CVE-2022-2990"
],
"summary": "Low: podman security, bug fix, and enhancement update"
}
CVE-2022-2990
Vulnerability from osv_almalinux
Published
2022-11-08 00:00
Modified
2023-01-03 12:15
Summary
Low: container-tools:rhel8 security, bug fix, and enhancement update
Details
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- podman: possible information disclosure and modification (CVE-2022-2989)
- buildah: possible information disclosure and modification (CVE-2022-2990)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ (BZ#2125644)
- (podman image trust) does not support the new trust type "sigstoreSigned " (BZ#2125645)
- podman kill may deadlock (BZ#2125647)
- Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied [AlmaLinux 8.7] (BZ#2125648)
- containers-common-1-44 is missing RPM-GPG-KEY-AlmaLinux-beta [AlmaLinux 8.7] (BZ#2125686)
- ADD Dockerfile reference is not validating HTTP status code [rhel8-8.7.0] (BZ#2129767)
- Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.7.0.z] (netavark) (BZ#2130234)
- containers config.json gets empty after sudden power loss (BZ#2130236)
- PANIC podman API service endpoint handler panic (BZ#2132412)
- Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network (BZ#2133390)
- Skopeo push image to AlmaLinux quay with sigstore was failed (BZ#2136406)
- Podman push image to AlmaLinux quay with sigstore was failed (BZ#2136433)
- Buildah push image to AlmaLinux quay with sigstore was failed (BZ#2136438)
- Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.8] (aardvark-dns) (BZ#2137295)
Enhancement(s):
- [RFE]Podman support to perform custom actions on unhealthy containers (BZ#2130911)
- [RFE] python-podman: Podman support to perform custom actions on unhealthy containers (BZ#2132360)
- Podman volume plugin timeout should be configurable (BZ#2132992)
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aardvark-dns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:1.1.0-5.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "buildah"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.27.2-2.module_el8.7.0+3348+f3135399"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "buildah-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.27.2-2.module_el8.7.0+3348+f3135399"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "cockpit-podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "53-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "conmon"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:2.1.4-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "container-selinux"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.189.0-1.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "container-selinux"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.189.0-1.module_el8.7.0+3344+5bcd850f"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "containernetworking-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.1.1-3.module_el8.6.0+3070+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "containernetworking-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.1.1-3.module_el8.6.0+3128+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "containers-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:1-43.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "crit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "crit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "criu-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "crun"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5-1.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "crun"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5-1.module_el8.6.0+3336+00d107d5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "fuse-overlayfs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9-1.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "fuse-overlayfs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9-1.module_el8.6.0+3070+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libslirp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1.module_el8.6.0+2877+8e437bf5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libslirp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libslirp-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1.module_el8.6.0+2877+8e437bf5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libslirp-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netavark"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:1.1.0-7.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "oci-seccomp-bpf-hook"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.6-1.module_el8.6.0+3336+00d107d5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-catatonit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-gvproxy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-remote"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "podman-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:4.2.0-4.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-criu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.7.0+3407+95aa0ca9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-criu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-podman"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.2.1-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "runc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.1.4-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "skopeo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:1.9.3-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "skopeo-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:1.9.3-1.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "slirp4netns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0-2.module_el8.6.0+3070+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "slirp4netns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0-2.module_el8.6.0+3128+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "toolbox"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.99.3-0.6.module_el8.6.0+3070+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "toolbox"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.99.3-0.6.module_el8.6.0+3128+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "toolbox-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.99.3-0.6.module_el8.6.0+3070+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "toolbox-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.99.3-0.6.module_el8.6.0+3128+1510fbd1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "udica"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.6-3.module_el8.7.0+3344+484dae7b"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* podman: possible information disclosure and modification (CVE-2022-2989)\n* buildah: possible information disclosure and modification (CVE-2022-2990)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ (BZ#2125644)\n* (podman image trust) does not support the new trust type \"sigstoreSigned \" (BZ#2125645)\n* podman kill may deadlock (BZ#2125647)\n* Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied [AlmaLinux 8.7] (BZ#2125648)\n* containers-common-1-44 is missing RPM-GPG-KEY-AlmaLinux-beta [AlmaLinux 8.7] (BZ#2125686)\n* ADD Dockerfile reference is not validating HTTP status code [rhel8-8.7.0] (BZ#2129767)\n* Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.7.0.z] (netavark) (BZ#2130234)\n* containers config.json gets empty after sudden power loss (BZ#2130236)\n* PANIC podman API service endpoint handler panic (BZ#2132412)\n* Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network (BZ#2133390)\n* Skopeo push image to AlmaLinux quay with sigstore was failed (BZ#2136406)\n* Podman push image to AlmaLinux quay with sigstore was failed (BZ#2136433)\n* Buildah push image to AlmaLinux quay with sigstore was failed (BZ#2136438)\n* Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.8] (aardvark-dns) (BZ#2137295)\n\nEnhancement(s):\n\n* [RFE]Podman support to perform custom actions on unhealthy containers (BZ#2130911)\n* [RFE] python-podman: Podman support to perform custom actions on unhealthy containers (BZ#2132360)\n* Podman volume plugin timeout should be configurable (BZ#2132992)",
"id": "ALSA-2022:7822",
"modified": "2023-01-03T12:15:28Z",
"published": "2022-11-08T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:7822"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2990"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121445"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2121453"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2022-7822.html"
}
],
"related": [
"CVE-2022-2989",
"CVE-2022-2990"
],
"summary": "Low: container-tools:rhel8 security, bug fix, and enhancement update"
}
GHSA-FJM8-M7M6-2FJP
Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-16 21:39
VLAI?
Summary
Buildah's incorrect handling of the supplementary groups may lead to data disclosure, modification
Details
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Severity ?
7.1 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containers/buildah"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.27.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-2990"
],
"database_specific": {
"cwe_ids": [
"CWE-842",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-15T03:24:17Z",
"nvd_published_at": "2022-09-13T14:15:00Z",
"severity": "HIGH"
},
"details": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.",
"id": "GHSA-fjm8-m7m6-2fjp",
"modified": "2022-09-16T21:39:13Z",
"published": "2022-09-14T00:00:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2990"
},
{
"type": "WEB",
"url": "https://github.com/containers/buildah/pull/4200"
},
{
"type": "WEB",
"url": "https://github.com/containers/buildah/commit/4a8bf740e862f2438279c6feee2ea59ddf0cda0b"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2022-2990"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
},
{
"type": "PACKAGE",
"url": "https://github.com/containers/buildah"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2022-1008"
},
{
"type": "WEB",
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Buildah\u0027s incorrect handling of the supplementary groups may lead to data disclosure, modification"
}
GSD-2022-2990
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-2990",
"description": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.",
"id": "GSD-2022-2990",
"references": [
"https://www.suse.com/security/cve/CVE-2022-2990.html",
"https://access.redhat.com/errata/RHSA-2022:7457",
"https://access.redhat.com/errata/RHSA-2022:7822",
"https://access.redhat.com/errata/RHSA-2022:8008",
"https://access.redhat.com/errata/RHSA-2022:8431"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-2990"
],
"details": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.",
"id": "GSD-2022-2990",
"modified": "2023-12-13T01:19:19.923208Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "buildah",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "no fixed version known"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-842",
"lang": "eng",
"value": "CWE-842"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/",
"refsource": "MISC",
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003cv1.27.1",
"affected_versions": "All versions before 1.27.1",
"cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-78",
"CWE-863",
"CWE-937"
],
"date": "2022-09-15",
"description": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.",
"fixed_versions": [
"v1.27.1"
],
"identifier": "CVE-2022-2990",
"identifiers": [
"GHSA-fjm8-m7m6-2fjp",
"CVE-2022-2990"
],
"not_impacted": "All versions starting from 1.27.1",
"package_slug": "go/github.com/containers/buildah",
"pubdate": "2022-09-14",
"solution": "Upgrade to version 1.27.1 or above.",
"title": "Incorrect Authorization",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-2990",
"https://bugzilla.redhat.com/show_bug.cgi?id=2121453",
"https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/",
"https://github.com/containers/buildah/pull/4200",
"https://github.com/containers/buildah/commit/4a8bf740e862f2438279c6feee2ea59ddf0cda0b",
"https://github.com/advisories/GHSA-fjm8-m7m6-2fjp"
],
"uuid": "1045b40a-f649-44e8-8ec4-eadda1c7d6a0",
"versions": [
{
"commit": {
"sha": "b6272ec51ca3b4de058679fe48b62c8bfc95eec3",
"tags": [
"v1.27.1"
],
"timestamp": "20220909100515"
},
"number": "v1.27.1"
}
]
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:buildah_project:buildah:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.27.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2990"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-842"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
},
"lastModifiedDate": "2023-02-12T22:15Z",
"publishedDate": "2022-09-13T14:15Z"
}
}
}
FKIE_CVE-2022-2990
Vulnerability from fkie_nvd - Published: 2022-09-13 14:15 - Updated: 2024-11-21 07:02
Severity ?
Summary
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2121453 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2121453 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| buildah_project | buildah | * | |
| redhat | openshift_container_platform | 4.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:buildah_project:buildah:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD601F2-7106-4CA2-8C32-023ECD5EC5ED",
"versionEndExcluding": "1.27.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container."
},
{
"lang": "es",
"value": "Un manejo incorrecto de los grupos suplementarios en el motor de contenedores de Buildah podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n confidencial o una posible modificaci\u00f3n de datos si un atacante presenta acceso directo al contenedor afectado donde son usados los grupos suplementarios para establecer los permisos de acceso y es capaz de ejecutar un c\u00f3digo binario en ese contenedor"
}
],
"id": "CVE-2022-2990",
"lastModified": "2024-11-21T07:02:02.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-13T14:15:08.747",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-842"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…