PT-2022-7148 · Openstack+1 · Openstack+2

Keane Okelley · Published 2022-12-21 · Updated 2023-07-21 · CVE-2022-38065

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

OpenStack versions prior to git master 05194e7618

Description

A privilege escalation issue exists in the oslo.privsep functionality of OpenStack. This is due to overly permissive functionality within tools that leverage this library within a container, which can lead to increased privileges. The issue is related to insecure privilege management.

Recommendations

For versions prior to git master 05194e7618, consider restricting access to the oslo.privsep functionality to minimize the risk of exploitation until a patch is available. As a temporary workaround, review and adjust the permissions and access controls within containers that utilize the oslo.privsep library to prevent unauthorized privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2023-07866
CVE-2022-38065

Affected Products

Debian
Openstack
Oslo.Privsep