{"api_version":"1","generated_at":"2026-04-22T23:09:30+00:00","cve":"CVE-2022-2989","urls":{"html":"https://cve.report/CVE-2022-2989","api":"https://cve.report/api/cve/CVE-2022-2989.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-2989","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-2989"},"summary":{"title":"CVE-2022-2989","description":"An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2022-09-13 14:15:00","updated_at":"2023-02-12 22:15:00"},"problem_types":["CWE-842"],"metrics":[],"references":[{"url":"https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/","name":"https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/","refsource":"MISC","tags":[],"title":"Vulnerability in Linux containers – investigation and mitigation – Bentham’s Gaze","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:8431","name":"https://access.redhat.com/errata/RHSA-2022:8431","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:7822","name":"https://access.redhat.com/errata/RHSA-2022:7822","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2022-2989","name":"https://access.redhat.com/security/cve/CVE-2022-2989","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:8008","name":"https://access.redhat.com/errata/RHSA-2022:8008","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2121445","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2121445","refsource":"MISC","tags":[],"title":"2121445 – (CVE-2022-2989) CVE-2022-2989 podman: possible information disclosure and modification","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-2989","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2989","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"podman_project","cpe5":"podman","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_container_platform","cpe6":"3.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2989","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"openshift_container_platform","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-2989","qid":"160285","title":"Oracle Enterprise Linux Security Update for buildah (ELSA-2022-8008)"},{"cve":"CVE-2022-2989","qid":"160318","title":"Oracle Enterprise Linux Security Update for container-tools:ol8 (ELSA-2022-7822)"},{"cve":"CVE-2022-2989","qid":"160323","title":"Oracle Enterprise Linux Security Update for podman (ELSA-2022-8431)"},{"cve":"CVE-2022-2989","qid":"160696","title":"Oracle Enterprise Linux Security Update for container-tools:4.0 (ELSA-2023-2802)"},{"cve":"CVE-2022-2989","qid":"182066","title":"Debian Security Update for libpod (CVE-2022-2989)"},{"cve":"CVE-2022-2989","qid":"199663","title":"Ubuntu Security Notification for Podman Vulnerability (USN-6295-1)"},{"cve":"CVE-2022-2989","qid":"240848","title":"Red Hat Update for container-tools:rhel8 security (RHSA-2022:7822)"},{"cve":"CVE-2022-2989","qid":"240894","title":"Red Hat Update for buildah (RHSA-2022:8008)"},{"cve":"CVE-2022-2989","qid":"240912","title":"Red Hat Update for podman security (RHSA-2022:8431)"},{"cve":"CVE-2022-2989","qid":"241486","title":"Red Hat Update for container-tools:4.0 (RHSA-2023:2802)"},{"cve":"CVE-2022-2989","qid":"379641","title":"Alibaba Cloud Linux Security Update for container-tools:rhel8 (ALINUX3-SA-2024:0050)"},{"cve":"CVE-2022-2989","qid":"502914","title":"Alpine Linux Security Update for podman"},{"cve":"CVE-2022-2989","qid":"505793","title":"Alpine Linux Security Update for podman"},{"cve":"CVE-2022-2989","qid":"753196","title":"SUSE Enterprise Linux Security Update for podman (SUSE-SU-2022:3819-1)"},{"cve":"CVE-2022-2989","qid":"753482","title":"SUSE Enterprise Linux Security Update for podman (SUSE-SU-2022:3820-1)"},{"cve":"CVE-2022-2989","qid":"753592","title":"SUSE Enterprise Linux Security Update for podman (SUSE-SU-2023:0187-1)"},{"cve":"CVE-2022-2989","qid":"753659","title":"SUSE Enterprise Linux Security Update for podman (SUSE-SU-2023:0326-1)"},{"cve":"CVE-2022-2989","qid":"903958","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for podman (10964)"},{"cve":"CVE-2022-2989","qid":"904613","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for podman (11521)"},{"cve":"CVE-2022-2989","qid":"906919","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for podman (10964-1)"},{"cve":"CVE-2022-2989","qid":"940780","title":"AlmaLinux Security Update for container-tools:rhel8 (ALSA-2022:7822)"},{"cve":"CVE-2022-2989","qid":"940785","title":"AlmaLinux Security Update for podman (ALSA-2022:8431)"},{"cve":"CVE-2022-2989","qid":"940827","title":"AlmaLinux Security Update for buildah (ALSA-2022:8008)"},{"cve":"CVE-2022-2989","qid":"941090","title":"AlmaLinux Security Update for container-tools:4.0 (ALSA-2023:2802)"},{"cve":"CVE-2022-2989","qid":"960180","title":"Rocky Linux Security Update for container-tools:rhel8 (RLSA-2022:7822)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-2989","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-842","cweId":"CWE-842"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"podman","version":{"version_data":[{"version_affected":"=","version_value":"no fixed version known"}]}}]}}]}},"references":{"reference_data":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2121445","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2121445"},{"url":"https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/","refsource":"MISC","name":"https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"}]}},"nvd":{"publishedDate":"2022-09-13 14:15:00","lastModifiedDate":"2023-02-12 22:15:00","problem_types":["CWE-842"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}