CVE-2022-27649

Source
https://cve.org/CVERecord?id=CVE-2022-27649
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-27649.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-27649
Aliases
Downstream
Related
Published
2022-04-04T19:45:43Z
Modified
2026-07-04T04:00:07.394819901Z
Summary
[none]
Details

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.

Database specific
{
    "cna_assigner": "redhat",
    "cwe_ids": [
        "CWE-276"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27649.json"
}
References

Affected packages

Git / github.com/podman-container-tools/podman

Affected ranges

Type
GIT
Repo
https://github.com/podman-container-tools/podman
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.0.3"
        }
    ],
    "cpe": "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*"
}

Affected versions

v0.*
v0.2
v0.2.1
v0.8.2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-27649.json"