CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers.
CISA encourages users and administrators to review the CRI-O Security Advisory and apply the necessary updates or workarounds.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.