CVE-2022-1227

HIGH

Podman < 4.0.0 - Privilege Escalation via Malicious Image in 'podman top' Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-1227. PoCs published by LouisLiuNova.

AI-analyzed exploit summary: This repository contains a working proof-of-concept exploit for CVE-2022-1227, which leverages a vulnerability in Podman to break PID and network namespace isolation. The exploit demonstrates both a simple process kill across namespaces and a full socket-based communication escape.

Description

A privilege escalation flaw was found in Podman. An attacker publishes a malicious image to a public registry; once a victim pulls and runs that image, the flaw is triggered when the user runs the 'podman top' command against the resulting container. The attacker-controlled container then gains access to the host filesystem, leading to information disclosure or denial of service.

Exploits (1)

nomisec · WORKING POC · 1 star
by LouisLiuNova · poc
https://github.com/LouisLiuNova/CVE-2022-1227_Exploit

Classification
Working PoC (95% confidence)
Attack Type
LPE
Complexity
Moderate
Reliability
Reliable
Target: Podman < 4.0.0
No auth needed
Prerequisites: Podman installed with version < 4.0.0 · Ubuntu 20.10 recommended · Container running with --userns=keep-id
devstral-2 · analyzed Feb 16, 2026
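The two hard facts a defender can act on from the description and the exploit prerequisites above are the fixed versions: Podman 4.0.0 and psgo 1.7.2. The following Go program is an added triage helper, not code from this page, from the PoC repository, or from the Podman/psgo projects. It parses a version string (a bare "3.4.4", a "v"-prefixed tag, or the `podman version` banner line) and reports whether it predates the fix. The `IsVulnerable`/`parseVersion`/`compare` names, the regex and the sample version strings are this example's own constructions; pre-release tags such as 4.0.0-rc4 are ordered per semver 2.0 and, because they sort below 4.0.0, are treated conservatively as vulnerable.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// Fixed versions as listed in the advisory: Podman 4.0.0 and psgo 1.7.2.
var fixedVersions = map[string]string{
	"podman": "4.0.0",
	"psgo":   "1.7.2",
}

// versionRe pulls MAJOR.MINOR.PATCH[-PRERELEASE] out of strings such as
// "3.4.4", "v4.0.0-rc4" or the CLI banner "podman version 3.4.2".
var versionRe = regexp.MustCompile(`(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?`)

type semver struct {
	major, minor, patch int
	pre                 string // empty for a final release
}

func parseVersion(s string) (semver, error) {
	m := versionRe.FindStringSubmatch(s)
	if m == nil {
		return semver{}, fmt.Errorf("no MAJOR.MINOR.PATCH version in %q", s)
	}
	major, _ := strconv.Atoi(m[1]) // cannot fail: the regex matched \d+
	minor, _ := strconv.Atoi(m[2])
	patch, _ := strconv.Atoi(m[3])
	return semver{major, minor, patch, m[4]}, nil
}

func cmpInt(a, b int) int {
	switch {
	case a < b:
		return -1
	case a > b:
		return 1
	}
	return 0
}

// comparePre orders pre-release tags per semver 2.0: a final release is
// newer than any pre-release of the same number; numeric identifiers
// compare numerically and sort before alphanumeric ones; a shorter list
// of identifiers sorts first when all shared identifiers are equal.
func comparePre(a, b string) int {
	switch {
	case a == b:
		return 0
	case a == "":
		return 1
	case b == "":
		return -1
	}
	as, bs := strings.Split(a, "."), strings.Split(b, ".")
	for i := 0; i < len(as) && i < len(bs); i++ {
		an, aErr := strconv.Atoi(as[i])
		bn, bErr := strconv.Atoi(bs[i])
		var c int
		switch {
		case aErr == nil && bErr == nil:
			c = cmpInt(an, bn)
		case aErr == nil:
			c = -1
		case bErr == nil:
			c = 1
		default:
			c = strings.Compare(as[i], bs[i])
		}
		if c != 0 {
			return c
		}
	}
	return cmpInt(len(as), len(bs))
}

// compare returns -1, 0 or 1 as a is older than, equal to or newer than b.
func compare(a, b semver) int {
	if c := cmpInt(a.major, b.major); c != 0 {
		return c
	}
	if c := cmpInt(a.minor, b.minor); c != 0 {
		return c
	}
	if c := cmpInt(a.patch, b.patch); c != 0 {
		return c
	}
	return comparePre(a.pre, b.pre)
}

// IsVulnerable reports whether the installed version of component ("podman"
// or "psgo") predates the CVE-2022-1227 fix. Pre-releases of the fixed
// version sort below it and are therefore reported as vulnerable.
func IsVulnerable(component, installed string) (bool, error) {
	fixed, ok := fixedVersions[strings.ToLower(component)]
	if !ok {
		return false, fmt.Errorf("no fixed version known for %q", component)
	}
	have, err := parseVersion(installed)
	if err != nil {
		return false, err
	}
	want, _ := parseVersion(fixed) // fixedVersions entries are well-formed
	return compare(have, want) < 0, nil
}

func main() {
	// Constructed sample inputs; on a real host feed in the `podman version` output.
	for _, v := range []string{"podman version 3.4.4", "4.0.0-rc4", "4.0.0", "4.1.1"} {
		vuln, err := IsVulnerable("podman", v)
		fmt.Printf("%-22s vulnerable=%v err=%v\n", v, vuln, err)
	}
}
```

The psgo check matters for anyone who rebuilds Podman from source or vendors psgo elsewhere: a Podman binary reporting 4.x but linked against an older psgo would still be flagged by `IsVulnerable("psgo", ...)` if you feed it the psgo version recorded in the binary's module information.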

References (4)


Scores

CVSS v3.1 base score 8.8
EPSS 0.3327
EPSS Percentile 97.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-269 CWE-281
Status published
Products (22)
containers/podman 0 - 3.4 (Go)
containers/psgo 0 - 1.7.2 (Go)
fedoraproject/fedora 34
fedoraproject/fedora 35
podman_project/podman < 4.0.0
psgo_project/psgo < 1.7.2
redhat/developer_tools 1.0
redhat/enterprise_linux 7.0
redhat/enterprise_linux 8.0
redhat/enterprise_linux_eus 8.6
... and 12 more
Published Apr 29, 2022
Tracked Since Feb 18, 2026