RHSA-2024:10289

Description

Red Hat Security Advisory: container-tools:rhel8 security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•aardvark-dns

  < 2:1.10.1-2.module+el8.10.0+22417+2fb00970

• redhat•buildah

  < 2:1.33.11-1.module+el8.10.0+22417+2fb00970

• redhat•buildah-debuginfo

  < 2:1.33.11-1.module+el8.10.0+22417+2fb00970

• redhat•buildah-debugsource

  < 2:1.33.11-1.module+el8.10.0+22417+2fb00970

• redhat•buildah-tests

  < 2:1.33.11-1.module+el8.10.0+22417+2fb00970

• redhat•buildah-tests-debuginfo

  < 2:1.33.11-1.module+el8.10.0+22417+2fb00970

• redhat•cockpit-podman

  < 0:84.1-1.module+el8.10.0+22417+2fb00970

• redhat•conmon

  < 3:2.1.10-1.module+el8.10.0+22417+2fb00970

• redhat•conmon-debuginfo

  < 3:2.1.10-1.module+el8.10.0+22417+2fb00970

• redhat•conmon-debugsource

  < 3:2.1.10-1.module+el8.10.0+22417+2fb00970

• redhat•container-selinux

  < 2:2.229.0-2.module+el8.10.0+22417+2fb00970

• redhat•containernetworking-plugins

  < 1:1.4.0-5.module+el8.10.0+22417+2fb00970

• redhat•containernetworking-plugins-debuginfo

  < 1:1.4.0-5.module+el8.10.0+22417+2fb00970

• redhat•containernetworking-plugins-debugsource

  < 1:1.4.0-5.module+el8.10.0+22417+2fb00970

• redhat•containers-common

  < 2:1-82.module+el8.10.0+22417+2fb00970

• redhat•crit

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu-debuginfo

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu-debugsource

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu-devel

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu-libs

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•criu-libs-debuginfo

  < 0:3.18-5.module+el8.10.0+22417+2fb00970

• redhat•crun

  < 0:1.14.3-2.module+el8.10.0+22417+2fb00970

• redhat•crun-debuginfo

  < 0:1.14.3-2.module+el8.10.0+22417+2fb00970

• redhat•crun-debugsource

  < 0:1.14.3-2.module+el8.10.0+22417+2fb00970

• redhat•fuse-overlayfs

  < 0:1.13-1.module+el8.10.0+22417+2fb00970

• redhat•fuse-overlayfs-debuginfo

  < 0:1.13-1.module+el8.10.0+22417+2fb00970

• redhat•fuse-overlayfs-debugsource

  < 0:1.13-1.module+el8.10.0+22417+2fb00970

• redhat•libslirp

  < 0:4.4.0-2.module+el8.10.0+22417+2fb00970

• redhat•libslirp-debuginfo

  < 0:4.4.0-2.module+el8.10.0+22417+2fb00970

• redhat•libslirp-debugsource

  < 0:4.4.0-2.module+el8.10.0+22417+2fb00970

• redhat•libslirp-devel

  < 0:4.4.0-2.module+el8.10.0+22417+2fb00970

• redhat•netavark

  < 2:1.10.3-1.module+el8.10.0+22417+2fb00970

• redhat•oci-seccomp-bpf-hook

  < 0:1.2.10-1.module+el8.10.0+22417+2fb00970

• redhat•oci-seccomp-bpf-hook-debuginfo

  < 0:1.2.10-1.module+el8.10.0+22417+2fb00970

• redhat•oci-seccomp-bpf-hook-debugsource

  < 0:1.2.10-1.module+el8.10.0+22417+2fb00970

• redhat•podman

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-catatonit

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-catatonit-debuginfo

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-debuginfo

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-debugsource

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-docker

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-gvproxy

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-gvproxy-debuginfo

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-plugins

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-plugins-debuginfo

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-remote

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-remote-debuginfo

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•podman-tests

  < 4:4.9.4-18.module+el8.10.0+22417+2fb00970

• redhat•python-podman

  < 0:4.9.0-3.module+el8.10.0+22417+2fb00970

Showing first 50 affected entries in server-rendered view.

References (18)

• https://access.redhat.com/errata/RHSA-2024:10289
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=1989575
• https://bugzilla.redhat.com/show_bug.cgi?id=2026675
• https://bugzilla.redhat.com/show_bug.cgi?id=2317467
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10289.json
• https://access.redhat.com/security/cve/CVE-2021-4024
• https://www.cve.org/CVERecord?id=CVE-2021-4024
• https://nvd.nist.gov/vuln/detail/CVE-2021-4024
• https://access.redhat.com/security/cve/CVE-2021-33198
• https://www.cve.org/CVERecord?id=CVE-2021-33198
• https://nvd.nist.gov/vuln/detail/CVE-2021-33198
• https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI
• https://access.redhat.com/security/cve/CVE-2024-9676
• https://www.cve.org/CVERecord?id=CVE-2024-9676
• https://nvd.nist.gov/vuln/detail/CVE-2024-9676
• https://github.com/advisories/GHSA-wq2p-5pc6-wpgf
• https://github.com/containers/storage/commit/935c58f4b3e364a9c9d33ed06476a831e6ad5679