- Vulnerability/
- USN-6295-1
USN-6295-1: Podman vulnerability
First published: Wed Aug 16 2023(Updated: )
It was discovered that Podman incorrectly handled certain supplementary groups. An attacker could possibly use this issue to expose sensitive information or execute binary code.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/podman | <3.4.4+ds1-1ubuntu1.22.04.2 | 3.4.4+ds1-1ubuntu1.22.04.2 |
| =22.04 | ||
| All of | ||
| ubuntu/podman-docker | <3.4.4+ds1-1ubuntu1.22.04.2 | 3.4.4+ds1-1ubuntu1.22.04.2 |
| =22.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Podman vulnerability?
The vulnerability ID for this Podman vulnerability is USN-6295-1.
What is the impact of this vulnerability?
This vulnerability could allow an attacker to expose sensitive information or execute binary code.
How does Podman handle certain supplementary groups incorrectly?
Podman incorrectly handles certain supplementary groups, which can lead to the vulnerability.
Which version of Podman is affected by this vulnerability?
Podman version 3.4.4+ds1-1ubuntu1.22.04.2 and earlier versions are affected by this vulnerability.
How can I fix this vulnerability?
To fix this vulnerability, update Podman to version 3.4.4+ds1-1ubuntu1.22.04.2 or later.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/22.04