CVE-2022-27650

CVSS v3.1 7.5 (High)

CVSS v2.0 6 (Medium)

EPSS 0.23 % (61^th)

Affected Products 4

Advisories 10

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.

Weaknesses

CWE-276: Incorrect Default Permissions

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2022-04-04 20:15:10
(2 years ago)
Updated Date: 2023-11-07 03:45:22
(10 months ago)

Affected Products

Crun Project

Crun

Fedoraproject

Fedora

Redhat

Configuration #1

		CPE23	From	Up To
	Crun Project Crun prior 1.4.4 version	cpe:2.3:a:crun_project:crun		< 1.4.4

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 34	cpe:2.3:o:fedoraproject:fedora:34

Configuration #3

		CPE23	From	Up To
	Redhat Openshift Container Platform 4.0	cpe:2.3:a:redhat:openshift_container_platform:4.0
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0