Описание
Security update for podman
This update for podman fixes the following issues:
- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)
Список пакетов
Container suse/sle-micro/5.5:latest
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0-Azure-llc
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0-Azure-ltd
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0-BYOS
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Micro-5-5-BYOS
podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Micro-5-5-BYOS-Azure
podman-4.9.5-150500.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
SUSE Linux Enterprise Micro 5.5
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
SUSE Linux Enterprise Module for Containers 15 SP6
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
SUSE Linux Enterprise Server 15 SP5-LTSS
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
openSUSE Leap 15.6
podman-4.9.5-150500.3.31.1
podman-docker-4.9.5-150500.3.31.1
podman-remote-4.9.5-150500.3.31.1
podmansh-4.9.5-150500.3.31.1
Ссылки
- Link for SUSE-SU-2025:0382-1
- E-Mail link for SUSE-SU-2025:0382-1
- SUSE Security Ratings
- SUSE Bug 1236270
- SUSE CVE CVE-2024-11218 page
Описание
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
Затронутые продукты
Container suse/sle-micro/5.5:latest:podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure:podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS:podman-4.9.5-150500.3.31.1
Image SLES15-SP5-Manager-Server-5-0-Azure-llc:podman-4.9.5-150500.3.31.1
Ссылки
- CVE-2024-11218
- SUSE Bug 1236269