podman-1.6.4-32.el7
エラータID: AXSA:2022-3182:01
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
* psgo: Privilege escalation in 'podman top' (CVE-2022-1227)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
Update packages.
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
N/A
SRPMS
- podman-1.6.4-32.el7.src.rpm
MD5: 302f58f60f3f89e7dafaa16eb96e79e6
SHA-256: 3470f85e52217225e74760b501e365e79393739642f1883d76408113f13f4063
Size: 7.71 MB
Asianux Server 7 for x86_64
- podman-1.6.4-32.el7.x86_64.rpm
MD5: 61cb0d6c52efce9bcfc87b58550a6bce
SHA-256: d999b2cc6d57f012169488352cc4dfe5d290153dc5e651801b11e528b15b6756
Size: 12.52 MB - podman-docker-1.6.4-32.el7.noarch.rpm
MD5: 5a7f32ad5aa1a82f69f67ee9f4acfb28
SHA-256: e178dda2ba6a805dd4fa3972a5f31136fafb42ffa05c6f954f863c62f134e5d7
Size: 31.06 kB