Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:1372

Опубликовано: 13 фев. 2025
Источник: rocky
Оценка: Important

Описание

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (CVE-2024-11218)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
aardvark-dnsx86_642.module+el8.10.0+1874+ce489889aardvark-dns-1.10.1-2.module+el8.10.0+1874+ce489889.x86_64.rpm
cockpit-podmannoarch1.module+el8.10.0+1815+5fe7415ecockpit-podman-84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm
cockpit-podmannoarch1.module+el8.10.0+1815+5fe7415ecockpit-podman-84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm
conmonx86_641.module+el8.10.0+1815+5fe7415econmon-2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
containernetworking-pluginsx86_645.module+el8.10.0+1843+6892ab28containernetworking-plugins-1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm
containers-commonx86_6482.module+el8.10.0+1843+6892ab28containers-common-1-82.module+el8.10.0+1843+6892ab28.x86_64.rpm
container-selinuxnoarch2.module+el8.10.0+1815+5fe7415econtainer-selinux-2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm
container-selinuxnoarch2.module+el8.10.0+1815+5fe7415econtainer-selinux-2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm
critx86_645.module+el8.10.0+1815+5fe7415ecrit-3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criux86_645.module+el8.10.0+1815+5fe7415ecriu-3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-11218

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-11218

CVSS3: 8.6
ubuntu
11 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

redhat логотип

CVE-2024-11218

CVSS3: 8.6
redhat
11 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

nvd логотип

CVE-2024-11218

CVSS3: 8.6
nvd
11 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

msrc логотип

CVE-2024-11218

msrc
3 месяца назад

Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile

debian логотип

CVE-2024-11218

CVSS3: 8.6
debian
11 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue ...