CVSSv3: 7.5

CVE-2022-27650

Published: 04/04/2022 Updated: 07/11/2023
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 534
CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

A flaw was found in crun where containers were started with a non-empty default inheritable capability set. The same class of bug was found in Moby (Docker Engine), where containers were started with non-empty inheritable Linux process capabilities. Because execve(2) adds the intersection of the process's inheritable set and the executed file's inheritable capabilities to the new permitted set, an attacker who can run a program carrying inheritable file capabilities inside such a container can raise those capabilities into the permitted set, even from an unprivileged user. Only capabilities already present in the container's inheritable set can be gained this way; starting containers with an empty inheritable set closes the path.
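As an added example (this is not code from crun, Moby or Red Hat), the script below models the execve(2) capability transition rules from capabilities(7) and audits /proc/<pid>/status text for a non-empty inheritable set, the condition described above. The status excerpts, the function names (parse_proc_status, inheritable_caps, execve_caps, gained_after_exec) and the subset of capability names are all constructed for the demonstration; 0xa80425fb is the usual default capability set Docker grants a container.

```python
"""Added example, not code from crun, Moby or Red Hat.

Models the execve(2) capability transition from capabilities(7) and audits
/proc/<pid>/status text for a non-empty inheritable set. The status samples
below are constructed, not captured from a real container.
"""

# Capability bit numbers from <linux/capability.h> (a subset chosen for the demo).
CAP_NAMES = {
    0: "cap_chown", 1: "cap_dac_override", 3: "cap_fowner", 4: "cap_fsetid",
    5: "cap_kill", 6: "cap_setgid", 7: "cap_setuid", 8: "cap_setpcap",
    10: "cap_net_bind_service", 13: "cap_net_raw", 18: "cap_sys_chroot",
    21: "cap_sys_admin", 27: "cap_mknod", 29: "cap_audit_write", 31: "cap_setfcap",
}
CAP_NET_RAW = 1 << 13
CAP_SYS_ADMIN = 1 << 21

# Constructed /proc/self/status excerpts for a uid-1000 shell inside a container.
# 0xa80425fb is the default capability set Docker grants a container; the
# affected runtimes copied it into the inheritable set even for non-root users.
VULNERABLE_STATUS = """\
Name:\tsh
Uid:\t1000\t1000\t1000\t1000
CapInh:\t00000000a80425fb
CapPrm:\t0000000000000000
CapEff:\t0000000000000000
CapBnd:\t00000000a80425fb
CapAmb:\t0000000000000000
"""
# Same process under a fixed runtime: inheritable set is empty.
FIXED_STATUS = VULNERABLE_STATUS.replace("CapInh:\t00000000a80425fb",
                                         "CapInh:\t0000000000000000")


def cap_names(mask):
    """Decode a capability bitmask into capability names (unknown bits as cap_N)."""
    return [CAP_NAMES.get(bit, f"cap_{bit}") for bit in range(64) if (mask >> bit) & 1]


def parse_proc_status(text):
    """Return the Cap* fields of /proc/<pid>/status as integers."""
    caps = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.startswith("Cap"):
            caps[key] = int(value.strip(), 16)
    return caps


def inheritable_caps(status_text):
    """Audit check: names in the inheritable set. A fixed runtime yields [] here."""
    return cap_names(parse_proc_status(status_text).get("CapInh", 0))


def execve_caps(proc, f_inh, f_prm, f_eff):
    """capabilities(7) rules for a non-root, non-setuid execve of a file that
    carries file capabilities (f_inh/f_prm masks, f_eff = file effective flag).

      P'(ambient)     = 0 when the file carries capabilities, else P(ambient)
      P'(permitted)   = (P(inheritable) & F(inheritable))
                        | (F(permitted) & P(bounding)) | P'(ambient)
      P'(effective)   = P'(permitted) if F(effective) else P'(ambient)
      P'(inheritable) = P(inheritable)
    """
    new_amb = 0 if (f_inh or f_prm) else proc.get("CapAmb", 0)
    new_prm = (proc["CapInh"] & f_inh) | (f_prm & proc["CapBnd"]) | new_amb
    new_eff = new_prm if f_eff else new_amb
    return {"CapInh": proc["CapInh"], "CapPrm": new_prm,
            "CapEff": new_eff, "CapAmb": new_amb}


def gained_after_exec(status_text, f_inh, f_prm=0, f_eff=True):
    """Capabilities the exec'd program ends up with in its permitted set."""
    proc = parse_proc_status(status_text)
    return cap_names(execve_caps(proc, f_inh, f_prm, f_eff)["CapPrm"])


if __name__ == "__main__":
    # A binary marked `setcap cap_net_raw+ei` (inheritable file cap, no permitted bits).
    print("vulnerable:", gained_after_exec(VULNERABLE_STATUS, CAP_NET_RAW))   # ['cap_net_raw']
    print("fixed:     ", gained_after_exec(FIXED_STATUS, CAP_NET_RAW))        # []
    # Only capabilities already in the inheritable set can be raised this way.
    print("sys_admin: ", gained_after_exec(VULNERABLE_STATUS, CAP_SYS_ADMIN)) # []
```

To run the same check against a live container, start a shell as a non-root user in it and feed the output of `cat /proc/self/status` to inheritable_caps; anything other than an empty list means programs with inheritable file capabilities can gain those capabilities at exec. The model covers the non-root, non-setuid case only; a root-owned process or a setuid binary follows the additional rules in capabilities(7) that are not reproduced here.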

Vulnerable Products

crun project: crun
fedoraproject: fedora 34
redhat: enterprise linux 8.0
redhat: openshift container platform 4.0

Vendor Advisories

Debian Bug report logs - #1009881 crun: CVE-2022-27650. Package: src:crun; Maintainer for src:crun is Dmitry Smirnov <onlyjob@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>. Date: Tue, 19 Apr 2022 19:51:02 UTC. Severity: important. Tags: security, upstream. Found in versions crun/0.17+dfsg-11, crun/0 ...
Synopsis: Moderate: container-tools:3.0 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Produc ...
Synopsis: Important: container-tools:rhel8 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Li ...
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate t ...