github.com/kubernetes-incubator/cri-o is susceptible to privilege context switching error. The vulnerability exists in handling ambient capabilities. During container execution, containers running with elevated privileges may allow a user with lower privilege to perform abilities they should not have.