CVE-2022-2989

⚠️ high

Summary

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVSS Score

7.1

High

EPSS Score

0.0

Exploit Probability

Published Date

2022-09-13

First Seen: 2026-01-05

📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 53.3% of all 330,193 vulnerabilities in our database.

#154,204

Above average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: Jun 5, 2025

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2025-06-05

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE IDs (Weakness Types)

CWE-842 CWE-863

📦 Affected Products 6

Vendor	Product	Status	Affected Versions
redhat	enterprise_linux	Affected	v7.0
redhat	enterprise_linux	Affected	v8.0
redhat	enterprise_linux	Affected	v9.0
redhat	openshift_container_platform	Affected	v3.11
redhat	openshift_container_platform	Affected	v4.0
podman_project	podman	Affected	All versions

🔗 References 2

https://bugzilla.redhat.com/show_bug.cgi?id=2121445

Exploit Issue Tracking Patch Third Party Advisory

https://www.benthamsgaze.org/2022/08/22/vulnerabilit...

Exploit Third Party Advisory

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-55686	🔶 medium	5.3	-	Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where...	2026-06-26
CVE-2026-55653	🔶 medium	4.3	0.2	A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group ...	2026-06-23
CVE-2026-55654	ℹ️ low	3.7	0.3	A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic...	2026-06-23
CVE-2026-55655	🔶 medium	5.0	0.1	A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding ...	2026-06-23
CVE-2026-11791	🔶 medium	5.0	0.3	A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees...	2026-06-18
CVE-2026-1764	🔶 medium	5.6	0.2	A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially craf...	2026-06-16

These CVEs affect the same products