RLSA-2022:7822

See a problem?
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2022:7822.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2022:7822
Related
Published
2022-11-08T10:51:15Z
Modified
2023-02-02T13:53:45.984861Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
Low: container-tools:rhel8 security, bug fix, and enhancement update
Details

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • podman: possible information disclosure and modification (CVE-2022-2989)

  • buildah: possible information disclosure and modification (CVE-2022-2990)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ (BZ#2125644)

  • (podman image trust) does not support the new trust type "sigstoreSigned " (BZ#2125645)

  • podman kill may deadlock (BZ#2125647)

  • Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied [Rocky Linux 8.7] (BZ#2125648)

  • containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [Rocky Linux 8.7] (BZ#2125686)

  • ADD Dockerfile reference is not validating HTTP status code [Rocky Linux8-8.7.0] (BZ#2129767)

  • Two aardvark-dns instances trying to use the same port on the same interface. [Rocky Linux-8.7.0.z] (netavark) (BZ#2130234)

  • containers config.json gets empty after sudden power loss (BZ#2130236)

  • PANIC podman API service endpoint handler panic (BZ#2132412)

  • Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network (BZ#2133390)

  • Skopeo push image to redhat quay with sigstore was failed (BZ#2136406)

  • Podman push image to redhat quay with sigstore was failed (BZ#2136433)

  • Buildah push image to redhat quay with sigstore was failed (BZ#2136438)

  • Two aardvark-dns instances trying to use the same port on the same interface. [Rocky Linux-8.8] (aardvark-dns) (BZ#2137295)

Enhancement(s):

  • [RFE]Podman support to perform custom actions on unhealthy containers (BZ#2130911)

  • [RFE] python-podman: Podman support to perform custom actions on unhealthy containers (BZ#2132360)

  • Podman volume plugin timeout should be configurable (BZ#2132992)

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / aardvark-dns

Package

Name
aardvark-dns
Purl
pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.1.0-5.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / buildah

Package

Name
buildah
Purl
pkg:rpm/rocky-linux/buildah?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.27.2-2.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / cockpit-podman

Package

Name
cockpit-podman
Purl
pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:53-1.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / conmon

Package

Name
conmon
Purl
pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:2.1.4-1.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / containernetworking-plugins

Package

Name
containernetworking-plugins
Purl
pkg:rpm/rocky-linux/containernetworking-plugins?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-3.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / containernetworking-plugins

Package

Name
containernetworking-plugins
Purl
pkg:rpm/rocky-linux/containernetworking-plugins?distro=rocky-linux-8-6-legacy&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-3.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / containers-common

Package

Name
containers-common
Purl
pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1-43.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / container-selinux

Package

Name
container-selinux
Purl
pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:2.189.0-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / container-selinux

Package

Name
container-selinux
Purl
pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8-6-legacy&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:2.189.0-1.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / criu

Package

Name
criu
Purl
pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.15-3.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / criu

Package

Name
criu
Purl
pkg:rpm/rocky-linux/criu?distro=rocky-linux-8-5-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.15-3.module+el8.5.0+710+4c471e88

Rocky Linux:8 / criu

Package

Name
criu
Purl
pkg:rpm/rocky-linux/criu?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.15-3.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / crun

Package

Name
crun
Purl
pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.5-1.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / crun

Package

Name
crun
Purl
pkg:rpm/rocky-linux/crun?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.5-1.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / fuse-overlayfs

Package

Name
fuse-overlayfs
Purl
pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.9-1.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / fuse-overlayfs

Package

Name
fuse-overlayfs
Purl
pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.9-1.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / libslirp

Package

Name
libslirp
Purl
pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.4.0-1.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / libslirp

Package

Name
libslirp
Purl
pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8-5-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.4.0-1.module+el8.5.0+710+4c471e88

Rocky Linux:8 / libslirp

Package

Name
libslirp
Purl
pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.4.0-1.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / netavark

Package

Name
netavark
Purl
pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.1.0-7.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / oci-seccomp-bpf-hook

Package

Name
oci-seccomp-bpf-hook
Purl
pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.2.6-1.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / oci-seccomp-bpf-hook

Package

Name
oci-seccomp-bpf-hook
Purl
pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.2.6-1.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / podman

Package

Name
podman
Purl
pkg:rpm/rocky-linux/podman?distro=rocky-linux-8&epoch=3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:4.2.0-4.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / python-podman

Package

Name
python-podman
Purl
pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.2.1-1.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / runc

Package

Name
runc
Purl
pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.1.4-1.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / skopeo

Package

Name
skopeo
Purl
pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.9.3-1.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / slirp4netns

Package

Name
slirp4netns
Purl
pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.2.0-2.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / slirp4netns

Package

Name
slirp4netns
Purl
pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.2.0-2.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / toolbox

Package

Name
toolbox
Purl
pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.0.99.3-0.6.module+el8.7.0+1078+e72fcd4f

Rocky Linux:8 / toolbox

Package

Name
toolbox
Purl
pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.0.99.3-0.6.module+el8.6.0+1054+50b00ff4

Rocky Linux:8 / udica

Package

Name
udica
Purl
pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.2.6-3.module+el8.7.0+1077+0e4f03d4

Rocky Linux:8 / udica

Package

Name
udica
Purl
pkg:rpm/rocky-linux/udica?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.2.6-3.module+el8.6.0+971+69b94baf