High severityNVD Advisory· Published Apr 29, 2022· Updated Aug 2, 2024
CVE-2022-1227
CVE-2022-1227
Description
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containers/podman/v3Go | < 3.4 | 3.4 |
github.com/containers/psgoGo | < 1.7.2 | 1.7.2 |
Affected products
46- ghsa-coords45 versionspkg:golang/github.com/containers/podman/v3pkg:golang/github.com/containers/psgopkg:rpm/almalinux/aardvark-dnspkg:rpm/almalinux/buildahpkg:rpm/almalinux/buildah-testspkg:rpm/almalinux/cockpit-podmanpkg:rpm/almalinux/conmonpkg:rpm/almalinux/containernetworking-pluginspkg:rpm/almalinux/containers-commonpkg:rpm/almalinux/container-selinuxpkg:rpm/almalinux/critpkg:rpm/almalinux/criupkg:rpm/almalinux/criu-develpkg:rpm/almalinux/criu-libspkg:rpm/almalinux/crunpkg:rpm/almalinux/fuse-overlayfspkg:rpm/almalinux/libslirppkg:rpm/almalinux/libslirp-develpkg:rpm/almalinux/netavarkpkg:rpm/almalinux/oci-seccomp-bpf-hookpkg:rpm/almalinux/podmanpkg:rpm/almalinux/podman-catatonitpkg:rpm/almalinux/podman-dockerpkg:rpm/almalinux/podman-gvproxypkg:rpm/almalinux/podman-pluginspkg:rpm/almalinux/podman-remotepkg:rpm/almalinux/podman-testspkg:rpm/almalinux/python3-criupkg:rpm/almalinux/python3-podmanpkg:rpm/almalinux/runcpkg:rpm/almalinux/skopeopkg:rpm/almalinux/skopeo-testspkg:rpm/almalinux/slirp4netnspkg:rpm/almalinux/toolboxpkg:rpm/almalinux/toolbox-testspkg:rpm/almalinux/udicapkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/podman&distro=openSUSE%20Tumbleweedpkg:rpm/suse/podman&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4
< 3.4+ 44 more
- (no CPE)range: < 3.4
- (no CPE)range: < 1.7.2
- (no CPE)range: < 2:1.0.1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1:1.24.2-4.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1:1.24.2-4.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 43-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:2.1.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1:1.0.1-2.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:2.179.1-1.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 3.15-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 1.4.4-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1.8.2-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 4.4.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 4.4.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:1.0.1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1.2.3-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 3.15-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 4.0.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1:1.0.3-2.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:1.6.1-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:1.6.1-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1.1.8-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.2.6-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150400.4.3.1
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 4.2.1-2.1
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150400.4.3.1
Patches
Vulnerability mechanics
References
13- github.com/advisories/GHSA-66vw-v2x9-hw75ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/mitrevendor-advisory
- nvd.nist.gov/vuln/detail/CVE-2022-1227ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsaWEB
- github.com/containers/podman/issues/10941ghsaWEB
- github.com/containers/podman/pull/13862ghsaWEB
- github.com/containers/podman/pull/13862/commits/79a3e149c10f74db4cebff624287385c90179d09ghsaWEB
- github.com/containers/psgo/pull/92ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQghsaWEB
- pkg.go.dev/vuln/GO-2022-0558ghsaWEB
- security.netapp.com/advisory/ntap-20240628-0001ghsaWEB
- security.netapp.com/advisory/ntap-20240628-0001/mitre
News mentions
0No linked articles in our index yet.