Описание
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 4 | rhcos | Fix deferred | ||
| Red Hat OpenShift Container Platform 4.17 | cri-o | Fixed | RHSA-2025:1122 | 11.02.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
A vulnerability was found in CRI-O. A path traversal issue in the log ...
EPSS
6.6 Medium
CVSS3