Published: 18/04/2022 Updated: 27/04/2022

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.3 | Impact Score: 3.4 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kubernetes cri-o -
fedoraproject fedora 35
mobyproject moby
redhat openshift container platform 3.11
redhat openshift container platform 4.0

Synopsis Moderate: OpenShift Container Platform 41012 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 41012 is now available withupdates to packages and imag ...

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities This flaw allows an attacker with access to programs with inheritable file capabilities to elevate thos ...

CWE-276 https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6 https://bugzilla.redhat.com/show_bug.cgi?id=2066839 https://access.redhat.com/errata/RHSA-2022:1600 https://nvd.nist.gov

CVE-2022-27652

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect