CVE-2022-27652

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-27652

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-27652.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-27652

Aliases

Downstream

RHBA-2022:5433

RHSA-2022:1600

Published

2022-04-18T16:20:29Z

Modified

2026-05-15T11:54:04.923874253Z

Summary

[none]

Details

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.

Database specific

{
    "cwe_ids": [
        "CWE-276"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "Affects all versions."
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27652.json",
    "cna_assigner": "redhat"
}

References

CVE-2022-27652

Affected packages