vulnerability

Red Hat OpenShift: CVE-2022-2995: cri-o: incorrect handling of the supplementary groups

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:S/C:C/I:C/A:N)	Sep 19, 2022	Jan 18, 2023	Aug 11, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:N)

Published

Sep 19, 2022

Added

Jan 18, 2023

Modified

Aug 11, 2025

Description

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

Solution

linuxrpm-upgrade-cri-o

References

CVE-2022-2995
https://attackerkb.com/topics/CVE-2022-2995
CWE-284
CWE-732
REDHAT-RHSA-2022:7398
REDHAT-RHSA-2023:3216
REDHAT-RHSA-2023:3541

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today