PT-2021-4280 · Sylabs · Sylabs Singularity

Published 2021-06-15 · Updated 2021-06-22 · CVE-2021-33622

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Sylabs Singularity versions 3.5.x through 3.6.x
SingularityPRO versions prior to 3.5-8

Description

The issue is an incorrect check of a function's return value in software used for operating-system-level virtualization, also known as containerization. It could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations

For Sylabs Singularity versions 3.5.x through 3.6.x, update to a version that includes a fix for the incorrect check of a function's return value. For SingularityPRO versions prior to 3.5-8, update to version 3.5-8 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and functions to minimize the risk of exploitation.

Fix

Improper Check for Exceptional Conditions

Weakness Enumeration

Related Identifiers

BDU:2021-04888
CVE-2021-33622

Affected Products

SingularityPRO
Sylabs Singularity