Lucene search

K
cvelistRedhatCVELIST:CVE-2022-0811
HistoryMar 16, 2022 - 2:03 p.m.

CVE-2022-0811

2022-03-1614:03:40
CWE-94
redhat
www.cve.org

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.8%

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

CNA Affected

[
  {
    "product": "CRI-O",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "cri-o 1.24.0, cri-o 1.23.2, cri-o 1.22.3, cri-o 1.21.6, cri-o 1.20.7, cri-o 1.19.6"
      }
    ]
  }
]

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.8%