Candidate: CVE-2022-1227
PublicDate: 2022-04-29 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1227
 https://bugzilla.redhat.com/show_bug.cgi?id=2070368
 https://github.com/containers/psgo/pull/92
 https://github.com/containers/psgo/commit/d9467da9f563a9de1ece79dcae86b37b1db75443 (v1.7.2)
Description:
 A privilege escalation flaw was found in Podman. This flaw allows an
 attacker to publish a malicious image to a public registry. Once this image
 is downloaded by a potential victim, the vulnerability is triggered after a
 user runs the 'podman top' command. This action gives the attacker access
 to the host filesystem, leading to information disclosure or denial of
 service.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:


Patches_golang-github-containers-psgo:
upstream_golang-github-containers-psgo: needs-triage
trusty_golang-github-containers-psgo: ignored (out of standard support)
xenial_golang-github-containers-psgo: ignored (out of standard support)
focal_golang-github-containers-psgo: needs-triage
impish_golang-github-containers-psgo: needs-triage
jammy_golang-github-containers-psgo: needs-triage
devel_golang-github-containers-psgo: needs-triage