PT-2023-14066 · Tinylab · Tinylab Linux-Lab+1
Fripside
·
Published
2023-10-19
·
Updated
2023-10-26
·
CVE-2022-42150
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TinyLab linux-lab version 1.1-rc1
TinyLab cloud-lab version 0.8-rc2
Description
The default configuration of TinyLab linux-lab and cloud-lab could cause Container Escape due to insecure permissions.
Recommendations
For TinyLab linux-lab version 1.1-rc1, consider updating the configuration to secure permissions and prevent Container Escape.
For TinyLab cloud-lab version 0.8-rc2, consider updating the configuration to secure permissions and prevent Container Escape.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tinylab Cloud-Lab
Tinylab Linux-Lab