Lucene search
UbuntuUSN-6295-1HistoryAug 16, 2023 - 12:00 a.m.
Podman vulnerability
2023-08-1600:00:00
ubuntu.com
33
podman
vulnerability
ubuntu 22.04 lts
libpod
supplementary groups
sensitive information
binary code
unix}
.
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
17.8%
Releases
- Ubuntu 22.04 LTS
Packages
- libpod - engine to run OCI-based containers in Pods
Details
It was discovered that Podman incorrectly handled certain supplementary groups.
An attacker could possibly use this issue to expose sensitive information
or execute binary code.
References
Related
nessus
nessus
SUSE SLES15 Security Update : podman (SUSE-SU-2022:3820-1)
2022-11-01 00:00:00
SUSE SLES15 Security Update : podman (SUSE-SU-2022:3819-1)
2022-11-01 00:00:00
Ubuntu 22.04 LTS : Podman vulnerability (USN-6295-1)
2023-08-16 00:00:00
osv
osv
libpod vulnerability
2023-08-16 17:02:17
podman-4.3.1-1.1 on GA media
2024-06-15 00:00:00
Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 00:00:00
cve
cve
CVE-2022-2989
2022-09-13 14:15:08
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3820-1)
2022-11-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3819-1)
2022-11-01 00:00:00
Ubuntu: Security Advisory (USN-6295-1)
2023-08-17 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-2989 affecting package podman for versions less than 4.1.1-10
2023-05-25 07:10:54
CVE-2022-2989 affecting package podman 4.1.1-5
2024-10-01 09:12:11
ubuntucve
ubuntucve
CVE-2022-2989
2022-09-13 00:00:00
suse
suse
Security update for podman (moderate)
2022-10-31 00:00:00
Security update for podman (moderate)
2022-10-31 00:00:00
nvd
nvd
CVE-2022-2989
2022-09-13 14:15:08
veracode
veracode
Information Disclosure
2022-09-16 06:34:58
redhatcve
redhatcve
CVE-2022-2989
2022-08-25 13:40:10
prion
prion
Information disclosure
2022-09-13 14:15:00
cvelist
cvelist
CVE-2022-2989
2022-09-13 13:41:00
github
github
debiancve
debiancve
CVE-2022-2989
2022-09-13 14:15:08
alpinelinux
alpinelinux
CVE-2022-2989
2022-09-13 14:15:08
almalinux
almalinux
Low: podman security, bug fix, and enhancement update
2022-11-15 00:00:00
Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: buildah security and bug fix update
2022-11-15 00:00:00
redhat
redhat
(RHSA-2022:8431) Low: podman security, bug fix, and enhancement update
2022-11-15 15:35:37
(RHSA-2022:7822) Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 10:51:15
(RHSA-2022:8008) Moderate: buildah security and bug fix update
2022-11-15 06:13:14
oraclelinux
oraclelinux
podman security, bug fix, and enhancement update
2022-11-24 00:00:00
container-tools:ol8 security, bug fix, and enhancement update
2022-11-22 00:00:00
buildah security and bug fix update
2022-11-22 00:00:00
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 10:51:15
gentoo
gentoo
podman: Multiple Vulnerabilities
2024-07-05 00:00:00
mageia
mageia
Updated skopeo/buildah/podman packages fix security vulnerability
2023-07-07 08:54:45
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
17.8%
Related for USN-6295-1