7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.3%
Supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases and potentially escalate privileges in the container. Uses of the containerd client library may also have improperly setup supplementary groups.
github.com/advisories/GHSA-4wjj-jwc9-2x96
github.com/advisories/GHSA-fjm8-m7m6-2fjp
github.com/advisories/GHSA-phjr-8j92-w5v7
github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a
github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p
github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4
www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.3%