RHSA-2024:0748

Description

Red Hat Security Advisory: container-tools:4.0 security update

CVSS Metrics

• v3.1•HIGH•Score: 8.6CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Systems

• redhat•aardvark-dns

  < 2:1.0.1-38.module+el8.9.0+21242+944321bb

• redhat•buildah

  < 1:1.24.6-7.module+el8.9.0+21242+944321bb

• redhat•buildah-debuginfo

  < 1:1.24.6-7.module+el8.9.0+21242+944321bb

• redhat•buildah-debugsource

  < 1:1.24.6-7.module+el8.9.0+21242+944321bb

• redhat•buildah-tests

  < 1:1.24.6-7.module+el8.9.0+21242+944321bb

• redhat•buildah-tests-debuginfo

  < 1:1.24.6-7.module+el8.9.0+21242+944321bb

• redhat•cockpit-podman

  < 0:46-1.module+el8.9.0+21242+944321bb

• redhat•conmon

  < 2:2.1.4-2.module+el8.9.0+21242+944321bb

• redhat•conmon-debuginfo

  < 2:2.1.4-2.module+el8.9.0+21242+944321bb

• redhat•conmon-debugsource

  < 2:2.1.4-2.module+el8.9.0+21242+944321bb

• redhat•container-selinux

  < 2:2.205.0-3.module+el8.9.0+21242+944321bb

• redhat•containernetworking-plugins

  < 1:1.1.1-6.module+el8.9.0+21242+944321bb

• redhat•containernetworking-plugins-debuginfo

  < 1:1.1.1-6.module+el8.9.0+21242+944321bb

• redhat•containernetworking-plugins-debugsource

  < 1:1.1.1-6.module+el8.9.0+21242+944321bb

• redhat•containers-common

  < 2:1-38.module+el8.9.0+21242+944321bb

• redhat•crit

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu-debuginfo

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu-debugsource

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu-devel

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu-libs

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•criu-libs-debuginfo

  < 0:3.15-3.module+el8.9.0+21242+944321bb

• redhat•crun

  < 0:1.8.7-1.module+el8.9.0+21242+944321bb

• redhat•crun-debuginfo

  < 0:1.8.7-1.module+el8.9.0+21242+944321bb

• redhat•crun-debugsource

  < 0:1.8.7-1.module+el8.9.0+21242+944321bb

• redhat•fuse-overlayfs

  < 0:1.9-2.module+el8.9.0+21242+944321bb

• redhat•fuse-overlayfs-debuginfo

  < 0:1.9-2.module+el8.9.0+21242+944321bb

• redhat•fuse-overlayfs-debugsource

  < 0:1.9-2.module+el8.9.0+21242+944321bb

• redhat•libslirp

  < 0:4.4.0-1.module+el8.9.0+21242+944321bb

• redhat•libslirp-debuginfo

  < 0:4.4.0-1.module+el8.9.0+21242+944321bb

• redhat•libslirp-debugsource

  < 0:4.4.0-1.module+el8.9.0+21242+944321bb

• redhat•libslirp-devel

  < 0:4.4.0-1.module+el8.9.0+21242+944321bb

• redhat•netavark

  < 2:1.0.1-38.module+el8.9.0+21242+944321bb

• redhat•oci-seccomp-bpf-hook

  < 0:1.2.5-2.module+el8.9.0+21242+944321bb

• redhat•oci-seccomp-bpf-hook-debuginfo

  < 0:1.2.5-2.module+el8.9.0+21242+944321bb

• redhat•oci-seccomp-bpf-hook-debugsource

  < 0:1.2.5-2.module+el8.9.0+21242+944321bb

• redhat•podman

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-catatonit

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-catatonit-debuginfo

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-debuginfo

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-debugsource

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-docker

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-gvproxy

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-gvproxy-debuginfo

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-plugins

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-plugins-debuginfo

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-remote

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-remote-debuginfo

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•podman-tests

  < 2:4.0.2-26.module+el8.9.0+21242+944321bb

• redhat•python-podman

  < 0:4.0.0-2.module+el8.9.0+21242+944321bb

Showing first 50 affected entries in server-rendered view.

References (21)

• https://access.redhat.com/errata/RHSA-2024:0748
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/security/vulnerabilities/RHSB-2024-001
• https://bugzilla.redhat.com/show_bug.cgi?id=2253193
• https://bugzilla.redhat.com/show_bug.cgi?id=2253330
• https://bugzilla.redhat.com/show_bug.cgi?id=2258725
• https://issues.redhat.com/browse/RHEL-15029
• https://issues.redhat.com/browse/RHEL-17145
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0748.json
• https://access.redhat.com/security/cve/CVE-2023-39326
• https://www.cve.org/CVERecord?id=CVE-2023-39326
• https://nvd.nist.gov/vuln/detail/CVE-2023-39326
• https://pkg.go.dev/vuln/GO-2023-2382
• https://access.redhat.com/security/cve/CVE-2023-45287
• https://www.cve.org/CVERecord?id=CVE-2023-45287
• https://nvd.nist.gov/vuln/detail/CVE-2023-45287
• https://pkg.go.dev/vuln/GO-2023-2375
• https://access.redhat.com/security/cve/CVE-2024-21626
• https://www.cve.org/CVERecord?id=CVE-2024-21626
• https://nvd.nist.gov/vuln/detail/CVE-2024-21626
• https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv