ID:8953 - Exploit for Security restrictions bypass in Podman - CVE-2022-1227

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:8953 - Exploit for Security restrictions bypass in Podman - CVE-2022-1227

ID:8953 - Exploit for Security restrictions bypass in Podman - CVE-2022-1227

Published: April 1, 2023


Vulnerability identifier: #VU62468
Vulnerability risk: Medium
CVE-ID: CVE-2022-1227
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:
Podman

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to improper privilege management when running podman top on a container made from a maliciously-crafted image and using a user namespace. An attacker with full access to the container can execute arbitrary code  in the host context.


Remediation

Install updates from vendor's website.