Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 896372 (CVE-2023-0778) - app-containers/podman: arbitrary host file access
Summary: app-containers/podman: arbitrary host file access
Alias: CVE-2023-0778
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [ebuild]
Depends on:
Reported: 2023-02-25 01:13 UTC by John Helmert III
Modified: 2023-02-25 01:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-02-25 01:13:38 UTC
"## 4.4.2
- This release fixes CVE-2023-0778, which allowed a malicious user to potentially replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system."

Please bump to 4.4.2.