The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1793 advisory. - A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. (CVE-2022-27650) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
container-tools:3.0 security and bug fix update
Important: container-tools:rhel8 security, bug fix, and enhancement update
(RHSA-2022:1793) Moderate: container-tools:3.0 security and bug fix update
(RHSA-2022:1762) Important: container-tools:rhel8 security, bug fix, and enhancement update