CVE-2019-25067

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Podman and Varlink version 1.5.1

Description A critical issue was found, affecting an unknown part of the component API. This leads to Remote Privilege Escalation and can be initiated remotely. The exploit has been disclosed publicly.

Recommendations For Podman and Varlink version 1.5.1, update to a version that addresses the Remote Privilege Escalation issue. As a temporary workaround, consider restricting access to the affected API component until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2019-3062

ALT-PU-2020-1645

CVE-2019-25067

Affected Products

Alt Linux

Podman

Varlink

CVE-2019-25067

Related Identifiers

Affected Products

References · 13