10 matches found
RHEL 8 : OpenShift Container Platform 4.11.43 (RHSA-2023:3541)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3541 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
RHEL 7 / 8 : OpenShift Container Platform 4.10.60 (RHSA-2023:3216)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3216 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
Low: Red Hat Security Advisory: OpenShift Container Platform 4.11.43 packages and security update
Red Hat OpenShift Container Platform release 4.11.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...
Low: Red Hat Security Advisory: OpenShift Container Platform 4.10.60 packages and security update
Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
Security fix for the ALT Linux 10 package cri-o version 1.26.2-alt1
1.26.2-alt1 built March 29, 2023 Alexander Stepchenko in task 317575 March 27, 2023 Alexander Stepchenko - 1.26.2 - Fixes: CVE-2022-2995, CVE-2022-27652, CVE-2022-4318...
Supplementary groups are not set up properly in github.com/containerd/containerd
Impact A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 packages and security update
Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
AZL-39882 CVE-2022-2995 affecting package cri-o for versions less than 1.21.7-2
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...
CVE-2022-2995
CVE-2022-2995 affects the CRI-O container engine (CRI-O) where incorrect handling of supplementary groups can lead to sensitive information disclosure or data modification if an attacker can access the affected container and execute code there. The issue is referenced across multiple advisories (...
CVE-2022-2995
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...