CVE-2022-2739 – podman: Security regression of CVE-2020-14370 due to source code management issue
https://notcve.org/view.php?id=CVE-2022-2739
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables. La versión de podman publicada para Red Hat Enterprise Linux 7 Extras por medio del aviso RHSA-2022:2190 incluía una versión incorrecta de podman que carecía de la corrección de CVE-2020-14370, que se había corregido previamente por medio de RHSA-2020:5056. Este problema podría permitir a un atacante acceder a información confidencial almacenada en variables de entorno • https://access.redhat.com/security/cve/CVE-2022-2739 https://bugzilla.redhat.com/show_bug.cgi?id=2116927 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •
CVE-2019-25067 – Podman/Varlink API Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-25067
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/containers/podman/issues/21628 https://vuldb.com/?ctiid.143949 https://vuldb.com/?id.143949 https://www.exploit-db.com/exploits/47500 •
CVE-2022-1227 – psgo: Privilege escalation in 'podman top'
https://notcve.org/view.php?id=CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. Se ha encontrado un fallo de escalada de privilegios en Podman. • https://bugzilla.redhat.com/show_bug.cgi?id=2070368 https://github.com/containers/podman/issues/10941 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://security.netapp.com/advisory/ntap-20240628-0001 https://access.redhat.com/security/cve/CVE-2022-1227 • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions •
CVE-2022-27649 – podman: Default inheritable capabilities for linux container should be empty
https://notcve.org/view.php?id=CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. Se ha encontrado un fallo en Podman, donde los contenedores eran iniciados incorrectamente con permisos por defecto no vacíos. Se ha encontrado una vulnerabilidad en Moby (Docker Engine), donde los contenedores eran iniciados incorrectamente con capacidades de proceso Linux heredables no vacías. • https://bugzilla.redhat.com/show_bug.cgi?id=2066568 https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0 https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-276: Incorrect Default Permissions •
CVE-2021-4024 – podman: podman machine spawns gvproxy with port bound to all IPs
https://notcve.org/view.php?id=CVE-2021-4024
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM. • https://bugzilla.redhat.com/show_bug.cgi?id=2026675%2C https://github.com/containers/podman/releases/tag/v3.4.3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QFFVJ6S3ZRMPDYB7KYAWEMDHXFZYQPU3 https://access.redhat.com/security/cve/CVE-2021-4024 https://bugzilla.redhat.com/show_bug.cgi?id=2026675 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-346: Origin Validation Error •