Control: tags -1 + confirmed On Sun, 2023-02-12 at 00:06 +0200, Faidon Liambotis wrote: > A no-dsa security vulnerability, CVE-2022-27650: > https://security-tracker.debian.org/tracker/CVE-2022-27650 > > [ Impact ] > Copying from the CVE: > > "A flaw was found in crun where containers were incorrectly started > with > non-empty default permissions. A vulnerability was found in Moby > (Docker > Engine) where containers were started incorrectly with non-empty > inheritable Linux process capabilities. This flaw allows an attacker > with access to programs with inheritable file capabilities to elevate > those capabilities to the permitted set when execve(2) runs." >
Please go ahead; sorry for the delay. Regards, Adam
