HIGH 7.8
PYSEC-2026-838
OpenStack Kolla sudo privilege escalation vulnerability
Details
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-38060 [ADVISORY]
- https://github.com/openstack/kolla/commit/2a4a8fce31c12114e8f472c24dd96864b5bd2bd2 [WEB]
- https://bugs.launchpad.net/kolla/+bug/1985784 [WEB]
- https://bugzilla.redhat.com/show_bug.cgi?id=2124758 [WEB]
- https://github.com/openstack/kolla [WEB]
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589 [WEB]
- https://pypi.org/project/kolla [PACKAGE]
- https://github.com/advisories/GHSA-rvxr-pf5f-j2qj [ADVISORY]