RHSA-2022:7457
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•aardvark-dns
< 2:1.1.0-4.module+el8.7.0+16772+33343656
- redhat•buildah
< 1:1.27.0-2.module+el8.7.0+16772+33343656
- redhat•buildah-debuginfo
< 1:1.27.0-2.module+el8.7.0+16772+33343656
- redhat•buildah-debugsource
< 1:1.27.0-2.module+el8.7.0+16772+33343656
- redhat•buildah-tests
< 1:1.27.0-2.module+el8.7.0+16772+33343656
- redhat•buildah-tests-debuginfo
< 1:1.27.0-2.module+el8.7.0+16772+33343656
- redhat•cockpit-podman
< 0:53-1.module+el8.7.0+16772+33343656
- redhat•conmon
< 3:2.1.4-1.module+el8.7.0+16772+33343656
- redhat•conmon-debuginfo
< 3:2.1.4-1.module+el8.7.0+16772+33343656
- redhat•conmon-debugsource
< 3:2.1.4-1.module+el8.7.0+16772+33343656
- redhat•container-selinux
< 2:2.189.0-1.module+el8.7.0+16772+33343656
- redhat•containernetworking-plugins
< 1:1.1.1-3.module+el8.7.0+16772+33343656
- redhat•containernetworking-plugins-debuginfo
< 1:1.1.1-3.module+el8.7.0+16772+33343656
- redhat•containernetworking-plugins-debugsource
< 1:1.1.1-3.module+el8.7.0+16772+33343656
- redhat•containers-common
< 2:1-40.module+el8.7.0+16772+33343656
- redhat•crit
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu-debuginfo
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu-debugsource
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu-devel
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu-libs
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•criu-libs-debuginfo
< 0:3.15-3.module+el8.7.0+16772+33343656
- redhat•crun
< 0:1.5-1.module+el8.7.0+16772+33343656
- redhat•crun-debuginfo
< 0:1.5-1.module+el8.7.0+16772+33343656
- redhat•crun-debugsource
< 0:1.5-1.module+el8.7.0+16772+33343656
- redhat•fuse-overlayfs
< 0:1.9-1.module+el8.7.0+16772+33343656
- redhat•fuse-overlayfs-debuginfo
< 0:1.9-1.module+el8.7.0+16772+33343656
- redhat•fuse-overlayfs-debugsource
< 0:1.9-1.module+el8.7.0+16772+33343656
- redhat•libslirp
< 0:4.4.0-1.module+el8.7.0+16772+33343656
- redhat•libslirp-debuginfo
< 0:4.4.0-1.module+el8.7.0+16772+33343656
- redhat•libslirp-debugsource
< 0:4.4.0-1.module+el8.7.0+16772+33343656
- redhat•libslirp-devel
< 0:4.4.0-1.module+el8.7.0+16772+33343656
- redhat•netavark
< 2:1.1.0-6.module+el8.7.0+16772+33343656
- redhat•oci-seccomp-bpf-hook
< 0:1.2.6-1.module+el8.7.0+16772+33343656
- redhat•oci-seccomp-bpf-hook-debuginfo
< 0:1.2.6-1.module+el8.7.0+16772+33343656
- redhat•oci-seccomp-bpf-hook-debugsource
< 0:1.2.6-1.module+el8.7.0+16772+33343656
- redhat•podman
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-catatonit
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-catatonit-debuginfo
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-debuginfo
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-debugsource
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-docker
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-gvproxy
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-gvproxy-debuginfo
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-plugins
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-plugins-debuginfo
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-remote
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-remote-debuginfo
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•podman-tests
< 3:4.2.0-1.module+el8.7.0+16772+33343656
- redhat•python-podman
< 0:4.2.0-1.module+el8.7.0+16772+33343656
Showing first 50 affected entries in server-rendered view.
References (82)
- https://access.redhat.com/errata/RHSA-2022:7457
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
- https://bugzilla.redhat.com/show_bug.cgi?id=1820551
- https://bugzilla.redhat.com/show_bug.cgi?id=1941727
- https://bugzilla.redhat.com/show_bug.cgi?id=1945929
- https://bugzilla.redhat.com/show_bug.cgi?id=1974423
- https://bugzilla.redhat.com/show_bug.cgi?id=1995656
- https://bugzilla.redhat.com/show_bug.cgi?id=1996050
- https://bugzilla.redhat.com/show_bug.cgi?id=2005866
- https://bugzilla.redhat.com/show_bug.cgi?id=2009264
- https://bugzilla.redhat.com/show_bug.cgi?id=2009346
- https://bugzilla.redhat.com/show_bug.cgi?id=2024938
- https://bugzilla.redhat.com/show_bug.cgi?id=2027662
- https://bugzilla.redhat.com/show_bug.cgi?id=2028408
- https://bugzilla.redhat.com/show_bug.cgi?id=2030195
- https://bugzilla.redhat.com/show_bug.cgi?id=2039045
- https://bugzilla.redhat.com/show_bug.cgi?id=2052697
- https://bugzilla.redhat.com/show_bug.cgi?id=2053990
- https://bugzilla.redhat.com/show_bug.cgi?id=2055313
- https://bugzilla.redhat.com/show_bug.cgi?id=2059666
- https://bugzilla.redhat.com/show_bug.cgi?id=2062697
- https://bugzilla.redhat.com/show_bug.cgi?id=2064702
- https://bugzilla.redhat.com/show_bug.cgi?id=2066145
- https://bugzilla.redhat.com/show_bug.cgi?id=2068006
- https://bugzilla.redhat.com/show_bug.cgi?id=2072452
- https://bugzilla.redhat.com/show_bug.cgi?id=2073958
- https://bugzilla.redhat.com/show_bug.cgi?id=2078925
- https://bugzilla.redhat.com/show_bug.cgi?id=2079759
- https://bugzilla.redhat.com/show_bug.cgi?id=2079761
- https://bugzilla.redhat.com/show_bug.cgi?id=2081836
- https://bugzilla.redhat.com/show_bug.cgi?id=2083570
- https://bugzilla.redhat.com/show_bug.cgi?id=2083997
- https://bugzilla.redhat.com/show_bug.cgi?id=2085361
- https://bugzilla.redhat.com/show_bug.cgi?id=2086398
- https://bugzilla.redhat.com/show_bug.cgi?id=2086757
- https://bugzilla.redhat.com/show_bug.cgi?id=2090609
- https://bugzilla.redhat.com/show_bug.cgi?id=2090920
- https://bugzilla.redhat.com/show_bug.cgi?id=2093079
- https://bugzilla.redhat.com/show_bug.cgi?id=2094610
- https://bugzilla.redhat.com/show_bug.cgi?id=2094875
- https://bugzilla.redhat.com/show_bug.cgi?id=2095097
- https://bugzilla.redhat.com/show_bug.cgi?id=2096264
- https://bugzilla.redhat.com/show_bug.cgi?id=2097865
- https://bugzilla.redhat.com/show_bug.cgi?id=2100740
- https://bugzilla.redhat.com/show_bug.cgi?id=2102140
- https://bugzilla.redhat.com/show_bug.cgi?id=2102361
- https://bugzilla.redhat.com/show_bug.cgi?id=2102381
- https://bugzilla.redhat.com/show_bug.cgi?id=2113941
- https://bugzilla.redhat.com/show_bug.cgi?id=2117699
- https://bugzilla.redhat.com/show_bug.cgi?id=2117928
- https://bugzilla.redhat.com/show_bug.cgi?id=2118231
- https://bugzilla.redhat.com/show_bug.cgi?id=2119072
- https://bugzilla.redhat.com/show_bug.cgi?id=2120651
- https://bugzilla.redhat.com/show_bug.cgi?id=2121453
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7457.json
- https://access.redhat.com/security/cve/CVE-2021-36221
- https://www.cve.org/CVERecord?id=CVE-2021-36221
- https://nvd.nist.gov/vuln/detail/CVE-2021-36221
- https://groups.google.com/g/golang-announce/c/uHACNfXAZqk
- https://access.redhat.com/security/cve/CVE-2021-41190
- https://www.cve.org/CVERecord?id=CVE-2021-41190
- https://nvd.nist.gov/vuln/detail/CVE-2021-41190
- https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42
- https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m
- https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh
- https://access.redhat.com/security/cve/CVE-2022-1708
- https://www.cve.org/CVERecord?id=CVE-2022-1708
- https://nvd.nist.gov/vuln/detail/CVE-2022-1708
- https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j
- https://access.redhat.com/security/cve/CVE-2022-2990
- https://www.cve.org/CVERecord?id=CVE-2022-2990
- https://nvd.nist.gov/vuln/detail/CVE-2022-2990
- https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
- https://access.redhat.com/security/cve/CVE-2022-27191
- https://www.cve.org/CVERecord?id=CVE-2022-27191
- https://nvd.nist.gov/vuln/detail/CVE-2022-27191
- https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
- https://access.redhat.com/security/cve/CVE-2022-29162
- https://www.cve.org/CVERecord?id=CVE-2022-29162
- https://nvd.nist.gov/vuln/detail/CVE-2022-29162
- https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66