← volver
CVE-2022-0811

CVE-2022-0811

EPSS 18.6%CWE-94
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 18.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
16 mar 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.
Productos afectados
n/a · CRI-O

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=2059475https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7