DescriptionA vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libpod (PTS)bullseye3.0.1+dfsg1-3+deb11u1fixed
bookworm, sid3.4.7+ds1-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs

exploit demo script on client uses Python podman code which is not in Debian
refers to old versions of remote code which never made it to a Debian release
issue probably present in all versions with varlink, starting 1.6.2+dfsg-1
upstream (Fedora/RedHat) refuses to look into it:

Search for package or bug name: Reporting problems