RLSA-2024:8846
See a problem?- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2024:8846.json
- JSON Data
- https://api.osv.dev/v1/vulns/RLSA-2024:8846
- Related
- Published
- 2024-11-08T15:56:47.559546Z
- Modified
- 2024-11-08T15:59:30.140809Z
- Summary
- Important: container-tools:rhel8 security update
- Details
-
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (CVE-2024-9341)
Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (CVE-2024-9407)
buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / aardvark-dns
Package
- Name
- aardvark-dns
- Purl
- pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / buildah
Package
- Name
- buildah
- Purl
- pkg:rpm/rocky-linux/buildah?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / cockpit-podman
Package
- Name
- cockpit-podman
- Purl
- pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / conmon
Package
- Name
- conmon
- Purl
- pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3
Rocky Linux:8 / containernetworking-plugins
Package
- Name
- containernetworking-plugins
- Purl
- pkg:rpm/rocky-linux/containernetworking-plugins?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / containers-common
Package
- Name
- containers-common
- Purl
- pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / container-selinux
Package
- Name
- container-selinux
- Purl
- pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / criu
Package
- Name
- criu
- Purl
- pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / crun
Package
- Name
- crun
- Purl
- pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / fuse-overlayfs
Package
- Name
- fuse-overlayfs
- Purl
- pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / libslirp
Package
- Name
- libslirp
- Purl
- pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / netavark
Package
- Name
- netavark
- Purl
- pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / oci-seccomp-bpf-hook
Package
- Name
- oci-seccomp-bpf-hook
- Purl
- pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / podman
Package
- Name
- podman
- Purl
- pkg:rpm/rocky-linux/podman?distro=rocky-linux-8&epoch=4
Rocky Linux:8 / python-podman
Package
- Name
- python-podman
- Purl
- pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / runc
Package
- Name
- runc
- Purl
- pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / skopeo
Package
- Name
- skopeo
- Purl
- pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / slirp4netns
Package
- Name
- slirp4netns
- Purl
- pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / toolbox
Package
- Name
- toolbox
- Purl
- pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / udica
Package
- Name
- udica
- Purl
- pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0