CVE-2022-1227

Summary

A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.

Affected Software

VendorProductVersion RangeStatus
n/apsgopodman 4.0, psgo 1.7.2affected

Weaknesses

  • CWE-281: CWE-281

ADP Enrichment

CVE Program Container

Additional References

References