Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:1565

Опубликовано: 26 апр. 2022
Источник: rocky
Оценка: Moderate

Описание

Moderate: container-tools:3.0 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • podman: Default inheritable capabilities for linux container should be empty (CVE-2022-27649)

  • buildah: Default inheritable capabilities for linux container should be empty (CVE-2022-27651)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • 3.0 stable stream: podman run --pid=host command causes OCI permission error (BZ#2070961)

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
cockpit-podmannoarch2.module+el8.7.0+1076+9b1c11c1cockpit-podman-29-2.module+el8.7.0+1076+9b1c11c1.noarch.rpm
containernetworking-pluginsx86_641.module+el8.7.0+1076+9b1c11c1containernetworking-plugins-0.9.1-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
critx86_641.module+el8.7.0+1076+9b1c11c1crit-3.15-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
criux86_641.module+el8.7.0+1076+9b1c11c1criu-3.15-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
fuse-overlayfsx86_642.module+el8.7.0+1076+9b1c11c1fuse-overlayfs-1.4.0-2.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
libslirpx86_641.module+el8.7.0+1076+9b1c11c1libslirp-4.3.1-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
libslirp-develx86_641.module+el8.7.0+1076+9b1c11c1libslirp-devel-4.3.1-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
oci-seccomp-bpf-hookx86_643.module+el8.7.0+1076+9b1c11c1oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
python3-criux86_641.module+el8.7.0+1076+9b1c11c1python3-criu-3.15-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm
runcx86_6473.rc95.module+el8.7.0+1076+9b1c11c1runc-1.0.0-73.rc95.module+el8.7.0+1076+9b1c11c1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-27649
CVE-2022-27651

Ссылки на источники

Исправления

Связанные уязвимости

rocky логотип

RLSA-2022:1566

rocky
около 3 лет назад

Moderate: container-tools:2.0 security update

oracle-oval логотип

ELSA-2022-1566

oracle-oval
около 3 лет назад

ELSA-2022-1566: container-tools:2.0 security update (MODERATE)

oracle-oval логотип

ELSA-2022-1565

oracle-oval
около 3 лет назад

ELSA-2022-1565: container-tools:3.0 security and bug fix update (MODERATE)

rocky логотип

RLSA-2022:1762

rocky
около 3 лет назад

Important: container-tools:rhel8 security, bug fix, and enhancement update

oracle-oval логотип

ELSA-2022-1762

oracle-oval
около 3 лет назад

ELSA-2022-1762: container-tools:ol8 security, bug fix, and enhancement update (IMPORTANT)