8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.4%
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
psgo: Privilege escalation in ‘podman top’ (CVE-2022-1227)
prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
podman: Default inheritable capabilities for linux container should be empty (CVE-2022-27649)
crun: Default inheritable capabilities for linux container should be empty (CVE-2022-27650)
buildah: Default inheritable capabilities for linux container should be empty (CVE-2022-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
bugzilla.redhat.com/show_bug.cgi?id=1861760
bugzilla.redhat.com/show_bug.cgi?id=1967642
bugzilla.redhat.com/show_bug.cgi?id=1982164
bugzilla.redhat.com/show_bug.cgi?id=1982784
bugzilla.redhat.com/show_bug.cgi?id=1995900
bugzilla.redhat.com/show_bug.cgi?id=1998835
bugzilla.redhat.com/show_bug.cgi?id=2000914
bugzilla.redhat.com/show_bug.cgi?id=2002721
bugzilla.redhat.com/show_bug.cgi?id=2004993
bugzilla.redhat.com/show_bug.cgi?id=2005972
bugzilla.redhat.com/show_bug.cgi?id=2006678
bugzilla.redhat.com/show_bug.cgi?id=2009047
bugzilla.redhat.com/show_bug.cgi?id=2009296
bugzilla.redhat.com/show_bug.cgi?id=2017266
bugzilla.redhat.com/show_bug.cgi?id=2018949
bugzilla.redhat.com/show_bug.cgi?id=2023112
bugzilla.redhat.com/show_bug.cgi?id=2024229
bugzilla.redhat.com/show_bug.cgi?id=2025336
bugzilla.redhat.com/show_bug.cgi?id=2030599
bugzilla.redhat.com/show_bug.cgi?id=2045880
bugzilla.redhat.com/show_bug.cgi?id=2055487
bugzilla.redhat.com/show_bug.cgi?id=2059754
bugzilla.redhat.com/show_bug.cgi?id=2065292
bugzilla.redhat.com/show_bug.cgi?id=2065707
bugzilla.redhat.com/show_bug.cgi?id=2066568
bugzilla.redhat.com/show_bug.cgi?id=2066840
bugzilla.redhat.com/show_bug.cgi?id=2066845
bugzilla.redhat.com/show_bug.cgi?id=2070368
errata.rockylinux.org/RLSA-2022:1762
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.4%