Описание
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.
Ссылки
- Issue Tracking
- Issue Tracking
Уязвимые конфигурации
EPSS
3.3 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.
Уязвимость пакета podman операционной системы Red Hat Enterprise Linux и корпоративной платформы Red Hat OpenShift Container Platform, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
EPSS
3.3 Low
CVSS3
4.3 Medium
CVSS2