Container Security Vulnerability in Moby and cri-o by Red Hat
CVE-2022-27652
5.3MEDIUM
What is CVE-2022-27652?
A security flaw has been identified in cri-o and Moby (Docker Engine), where containers can be started with unintended non-empty default permissions or inheritable Linux process capabilities. This vulnerability enables attackers with access to certain programs to potentially escalate their permissions when invoking execve(2), thus compromising the security of containers and the systems they run on. It is crucial for users and administrators to assess their container environments and apply mitigations as recommended by the vendor.
Affected Version(s)
cri-o Affects all versions.