CVE-2022-0811

More information about this CVE will likely be available in a few days.

Description

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

Related CPE's

Could not find any relations

References

https://bugzilla.redhat.com/show_bug.cgi?id=2059475

https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io