5798 – [Anolis OS 8] Bugfix for CVE-2022-2989

Bug 5798 - [Anolis OS 8] Bugfix for CVE-2022-2989

Summary: [Anolis OS 8] Bugfix for CVE-2022-2989

Status:	NEW

Alias:	None

Product:	Anolis OS 8
Classification:	Anolis OS
Component:	BaseOS Packages (show other bugs)	BaseOS Packages
Sub Component:
Version:	8.6
Hardware:	All Linux

Importance:	P4-Low S4-trivial
Target Milestone:	---
Assignee:	Jacob
QA Contact:	shuming

URL:
Whiteboard:
Keywords:	CVE

Depends on:
Blocks:

Reported:	2023-07-08 20:52 UTC by 小龙
Modified:	2023-07-08 20:52 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description 小龙 admin

2023-07-08 20:52:19 UTC

Description:
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

Broken commit info:

Bugfix commit info:
https://github.com/containers/podman/pull/15677
https://github.com/containers/podman/commit/5c7f28336171f0a5137edd274e45608120d31289
https://github.com/containers/podman/pull/15696
https://github.com/containers/podman/pull/15618