Описание
Podman publishes a malicious image to public registries
Podman is a tool for managing OCI containers and pods. A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-1227
- https://github.com/containers/podman/issues/10941
- https://github.com/containers/podman/pull/13862
- https://github.com/containers/podman/pull/13862/commits/79a3e149c10f74db4cebff624287385c90179d09
- https://github.com/containers/psgo/pull/92
- https://bugzilla.redhat.com/show_bug.cgi?id=2070368
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
- https://pkg.go.dev/vuln/GO-2022-0558
- https://security.netapp.com/advisory/ntap-20240628-0001
Пакеты
github.com/containers/podman/v3
< 3.4
3.4
github.com/containers/psgo
< 1.7.2
1.7.2
Связанные уязвимости
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
A privilege escalation flaw was found in Podman. This flaw allows an a ...