7.1
CVSSv3

CVE-2022-2989

Published: 13/09/2022 Updated: 12/02/2023
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

Incorrect handling of supplementary groups in the Podman container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container, where supplementary groups are used to set access permissions, and is able to execute binary code in that container.

Vulnerable Product

podman project podman

redhat enterprise linux 7.0

redhat openshift container platform 3.11

redhat enterprise linux 8.0

redhat openshift container platform 4.0

redhat enterprise linux 9.0

Vendor Advisories

Debian Bug report logs - #1019591: libpod: CVE-2022-2989. Package: src:libpod; Maintainer for src:libpod is Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Mon, 12 Sep 2022 18:39:01 UTC; Severity: important; Tags: security, upstream ...
Synopsis: Moderate: container-tools:4.0 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Produc ...
Synopsis: Low: podman security, bug fix, and enhancement update. Type/Severity: Security Advisory: Low. Topic: An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update ...
Synopsis: Low: container-tools:rhel8 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Low. Topic: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Ha ...
Synopsis: Moderate: buildah security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as ...