ELSA-2021-4154

Опубликовано: 16 нояб. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:ol8 is enabled

buildah

1.22.3-2.0.1.module+el8.5.0+20416+d687fed7

buildah-tests

1.22.3-2.0.1.module+el8.5.0+20416+d687fed7

cockpit-podman

33-1.module+el8.5.0+20416+d687fed7

conmon

2.0.29-1.module+el8.5.0+20416+d687fed7

container-selinux

2.167.0-1.module+el8.5.0+20416+d687fed7

containernetworking-plugins

1.0.0-1.module+el8.5.0+20416+d687fed7

containers-common

1-2.0.2.module+el8.5.0+20424+d687fed7

crit

3.15-3.module+el8.5.0+20416+d687fed7

criu

3.15-3.module+el8.5.0+20416+d687fed7

criu-devel

3.15-3.module+el8.5.0+20416+d687fed7

criu-libs

3.15-3.module+el8.5.0+20416+d687fed7

crun

1.0-1.module+el8.5.0+20416+d687fed7

fuse-overlayfs

1.7.1-1.module+el8.5.0+20416+d687fed7

libslirp

4.4.0-1.module+el8.5.0+20416+d687fed7

libslirp-devel

4.4.0-1.module+el8.5.0+20416+d687fed7

oci-seccomp-bpf-hook

1.2.3-3.module+el8.5.0+20416+d687fed7

podman

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-catatonit

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-docker

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-gvproxy

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-plugins

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-remote

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-tests

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

python3-criu

3.15-3.module+el8.5.0+20416+d687fed7

python3-podman

3.2.0-2.module+el8.5.0+20416+d687fed7

runc

1.0.2-1.module+el8.5.0+20416+d687fed7

skopeo

1.4.2-0.1.0.1.module+el8.5.0+20416+d687fed7

skopeo-tests

1.4.2-0.1.0.1.module+el8.5.0+20416+d687fed7

slirp4netns

1.1.8-1.module+el8.5.0+20416+d687fed7

udica

0.2.5-2.module+el8.5.0+20416+d687fed7

Oracle Linux x86_64

Module container-tools:ol8 is enabled

buildah

1.22.3-2.0.1.module+el8.5.0+20416+d687fed7

buildah-tests

1.22.3-2.0.1.module+el8.5.0+20416+d687fed7

cockpit-podman

33-1.module+el8.5.0+20416+d687fed7

conmon

2.0.29-1.module+el8.5.0+20416+d687fed7

container-selinux

2.167.0-1.module+el8.5.0+20416+d687fed7

containernetworking-plugins

1.0.0-1.module+el8.5.0+20416+d687fed7

containers-common

1-2.0.2.module+el8.5.0+20424+d687fed7

crit

3.15-3.module+el8.5.0+20416+d687fed7

criu

3.15-3.module+el8.5.0+20416+d687fed7

criu-devel

3.15-3.module+el8.5.0+20416+d687fed7

criu-libs

3.15-3.module+el8.5.0+20416+d687fed7

crun

1.0-1.module+el8.5.0+20416+d687fed7

fuse-overlayfs

1.7.1-1.module+el8.5.0+20416+d687fed7

libslirp

4.4.0-1.module+el8.5.0+20416+d687fed7

libslirp-devel

4.4.0-1.module+el8.5.0+20416+d687fed7

oci-seccomp-bpf-hook

1.2.3-3.module+el8.5.0+20416+d687fed7

podman

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-catatonit

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-docker

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-gvproxy

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-plugins

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-remote

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

podman-tests

3.3.1-9.0.1.module+el8.5.0+20416+d687fed7

python3-criu

3.15-3.module+el8.5.0+20416+d687fed7

python3-podman

3.2.0-2.module+el8.5.0+20416+d687fed7

runc

1.0.2-1.module+el8.5.0+20416+d687fed7

skopeo

1.4.2-0.1.0.1.module+el8.5.0+20416+d687fed7

skopeo-tests

1.4.2-0.1.0.1.module+el8.5.0+20416+d687fed7

slirp4netns

1.1.8-1.module+el8.5.0+20416+d687fed7

udica

0.2.5-2.module+el8.5.0+20416+d687fed7

Связанные CVE

CVE-2021-20291

CVE-2021-3602

Ссылки на источники

Связанные уязвимости

RLSA-2021:4154

rocky

больше 3 лет назад

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

SUSE-SU-2022:3312-1

suse-cvrf

почти 3 года назад

Security update for libcontainers-common

openSUSE-SU-2022:23018-1

suse-cvrf

больше 3 лет назад

Security update for conmon, libcontainers-common, libseccomp, podman

SUSE-SU-2022:23018-1

suse-cvrf

больше 3 лет назад

Security update for conmon, libcontainers-common, libseccomp, podman

CVE-2021-20291

CVSS3: 6.5

ubuntu

около 4 лет назад

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).