← Retour aux CVEs
CVE-2022-27652
MEDIUM5.3
Description
A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
Details CVE
Score CVSS v3.15.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie4/18/2022
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
fedoraproject:fedorakubernetes:cri-omobyproject:mobyredhat:openshift_container_platform
Faiblesses (CWE)
CWE-276CWE-276
References
https://bugzilla.redhat.com/show_bug.cgi?id=2066839(secalert@redhat.com)
https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=2066839(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.