[ALSA-2024:3968] container-tools:rhel8 bug fix and enhancement update
Severity
Moderate
Affected Packages
63
CVEs
2
container-tools:rhel8 bug fix and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- podman: jose-go: improper handling of highly compressed data (CVE-2024-28180)
- buildah: jose-go: improper handling of highly compressed data (CVE-2024-28180)
- podman: jose-go: resource exhaustion (CVE-2024-28176)
- buildah: jose-go: resource exhaustion (CVE-2024-28176)
- skopeo: jose-go: resource exhaustion (CVE-2024-28176)
Additional Changes:
For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
- ID
- ALSA-2024:3968
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2024:3968.html
- Published
-
2024-06-18T00:00:00
(3 months ago) - Modified
-
2024-06-19T09:17:27
(2 months ago) - Rights
- Copyright 2024 AlmaLinux OS
- Other Advisories
-
- ALAS2-2024-2618
- ALPINE:CVE-2024-28180
- ALSA-2024:2549
- ALSA-2024:3254
- ALSA-2024:3826
- ALSA-2024:3827
- ALSA-2024:5294
- ELSA-2024-2549
- ELSA-2024-3254
- ELSA-2024-3826
- ELSA-2024-3827
- ELSA-2024-3968
- ELSA-2024-5294
- FEDORA-2024-22f1e313dd
- FEDORA-2024-453ee0b3b9
- FEDORA-2024-45f0a1df95
- FEDORA-2024-529fe8a802
- FEDORA-2024-560a7aca85
- FEDORA-2024-831bad8f8f
- FEDORA-2024-9231308a4f
- FEDORA-2024-a8a4ce2864
- FEDORA-2024-c95d3199c5
- GO-2024-2631
- NPM:GHSA-HHHV-Q57G-882Q
- RHSA-2024:2549
- RHSA-2024:3254
- RHSA-2024:3826
- RHSA-2024:3827
- RHSA-2024:3968
- RHSA-2024:5294
- RLSA-2024:2549
- RLSA-2024:3826
- RLSA-2024:3827
- SUSE-SU-2024:1987-1
- SUSE-SU-2024:1987-2
- SUSE-SU-2024:2754-1
- SUSE-SU-2024:3120-1
- SUSE-SU-2024:3151-1
- SUSE-SU-2024:3186-1
Source | # ID | Name | URL |
---|---|---|---|
RHSA | RHSA-2024:3968 | https://access.redhat.com/errata/RHSA-2024:3968 | |
CVE | CVE-2024-28176 | https://access.redhat.com/security/cve/CVE-2024-28176 | |
CVE | CVE-2024-28180 | https://access.redhat.com/security/cve/CVE-2024-28180 | |
Bugzilla | 2268820 | https://bugzilla.redhat.com/2268820 | |
Bugzilla | 2268854 | https://bugzilla.redhat.com/2268854 | |
Self | ALSA-2024:3968 | https://errata.almalinux.org/8/ALSA-2024-3968.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/udica?arch=noarch&distro=almalinux-8.1 | almalinux | udica | < 0.2.6-21.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | noarch | |
Affected | pkg:rpm/almalinux/toolbox?arch=x86_64&distro=almalinux-8.1 | almalinux | toolbox | < 0.0.99.5-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/toolbox?arch=aarch64&distro=almalinux-8.1 | almalinux | toolbox | < 0.0.99.5-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/toolbox-tests?arch=x86_64&distro=almalinux-8.1 | almalinux | toolbox-tests | < 0.0.99.5-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/toolbox-tests?arch=aarch64&distro=almalinux-8.1 | almalinux | toolbox-tests | < 0.0.99.5-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/slirp4netns?arch=x86_64&distro=almalinux-8.1 | almalinux | slirp4netns | < 1.2.3-1.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/slirp4netns?arch=aarch64&distro=almalinux-8.1 | almalinux | slirp4netns | < 1.2.3-1.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/skopeo?arch=x86_64&distro=almalinux-8.1 | almalinux | skopeo | < 1.14.3-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/skopeo?arch=aarch64&distro=almalinux-8.1 | almalinux | skopeo | < 1.14.3-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/skopeo-tests?arch=x86_64&distro=almalinux-8.1 | almalinux | skopeo-tests | < 1.14.3-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/skopeo-tests?arch=aarch64&distro=almalinux-8.1 | almalinux | skopeo-tests | < 1.14.3-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/runc?arch=x86_64&distro=almalinux-8.1 | almalinux | runc | < 1.1.12-1.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/runc?arch=aarch64&distro=almalinux-8.1 | almalinux | runc | < 1.1.12-1.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/python3-podman?arch=noarch&distro=almalinux-8.1 | almalinux | python3-podman | < 4.9.0-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | noarch | |
Affected | pkg:rpm/almalinux/python3-criu?arch=x86_64&distro=almalinux-8.1 | almalinux | python3-criu | < 3.18-5.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/python3-criu?arch=aarch64&distro=almalinux-8.1 | almalinux | python3-criu | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman?arch=x86_64&distro=almalinux-8.1 | almalinux | podman | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman?arch=aarch64&distro=almalinux-8.1 | almalinux | podman | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman-tests?arch=x86_64&distro=almalinux-8.1 | almalinux | podman-tests | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman-tests?arch=aarch64&distro=almalinux-8.1 | almalinux | podman-tests | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman-remote?arch=x86_64&distro=almalinux-8.1 | almalinux | podman-remote | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman-remote?arch=aarch64&distro=almalinux-8.1 | almalinux | podman-remote | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman-plugins?arch=x86_64&distro=almalinux-8.1 | almalinux | podman-plugins | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman-plugins?arch=aarch64&distro=almalinux-8.1 | almalinux | podman-plugins | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman-gvproxy?arch=x86_64&distro=almalinux-8.1 | almalinux | podman-gvproxy | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman-gvproxy?arch=aarch64&distro=almalinux-8.1 | almalinux | podman-gvproxy | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/podman-docker?arch=noarch&distro=almalinux-8.1 | almalinux | podman-docker | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | noarch | |
Affected | pkg:rpm/almalinux/podman-catatonit?arch=x86_64&distro=almalinux-8.1 | almalinux | podman-catatonit | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/podman-catatonit?arch=aarch64&distro=almalinux-8.1 | almalinux | podman-catatonit | < 4.9.4-3.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/oci-seccomp-bpf-hook?arch=x86_64&distro=almalinux-8.1 | almalinux | oci-seccomp-bpf-hook | < 1.2.10-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/oci-seccomp-bpf-hook?arch=aarch64&distro=almalinux-8.1 | almalinux | oci-seccomp-bpf-hook | < 1.2.10-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/netavark?arch=x86_64&distro=almalinux-8.1 | almalinux | netavark | < 1.10.3-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/netavark?arch=aarch64&distro=almalinux-8.1 | almalinux | netavark | < 1.10.3-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/libslirp?arch=x86_64&distro=almalinux-8.1 | almalinux | libslirp | < 4.4.0-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/libslirp?arch=aarch64&distro=almalinux-8.1 | almalinux | libslirp | < 4.4.0-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/libslirp-devel?arch=x86_64&distro=almalinux-8.1 | almalinux | libslirp-devel | < 4.4.0-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/libslirp-devel?arch=aarch64&distro=almalinux-8.1 | almalinux | libslirp-devel | < 4.4.0-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/fuse-overlayfs?arch=x86_64&distro=almalinux-8.1 | almalinux | fuse-overlayfs | < 1.13-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/fuse-overlayfs?arch=aarch64&distro=almalinux-8.1 | almalinux | fuse-overlayfs | < 1.13-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/crun?arch=x86_64&distro=almalinux-8.1 | almalinux | crun | < 1.14.3-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/crun?arch=aarch64&distro=almalinux-8.1 | almalinux | crun | < 1.14.3-2.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/criu?arch=x86_64&distro=almalinux-8.1 | almalinux | criu | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/criu?arch=aarch64&distro=almalinux-8.1 | almalinux | criu | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/criu-libs?arch=x86_64&distro=almalinux-8.1 | almalinux | criu-libs | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/criu-libs?arch=aarch64&distro=almalinux-8.1 | almalinux | criu-libs | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/criu-devel?arch=x86_64&distro=almalinux-8.1 | almalinux | criu-devel | < 3.18-5.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/criu-devel?arch=aarch64&distro=almalinux-8.1 | almalinux | criu-devel | < 3.18-5.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/crit?arch=x86_64&distro=almalinux-8.1 | almalinux | crit | < 3.18-5.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/crit?arch=aarch64&distro=almalinux-8.1 | almalinux | crit | < 3.18-5.module_el8.10.0+3845+87b84552 | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/containers-common?arch=x86_64&distro=almalinux-8.1 | almalinux | containers-common | < 1-81.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/containers-common?arch=aarch64&distro=almalinux-8.1 | almalinux | containers-common | < 1-81.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/containernetworking-plugins?arch=x86_64&distro=almalinux-8.1 | almalinux | containernetworking-plugins | < 1.4.0-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/containernetworking-plugins?arch=aarch64&distro=almalinux-8.1 | almalinux | containernetworking-plugins | < 1.4.0-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/container-selinux?arch=noarch&distro=almalinux-8.1 | almalinux | container-selinux | < 2.229.0-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | noarch | |
Affected | pkg:rpm/almalinux/conmon?arch=x86_64&distro=almalinux-8.1 | almalinux | conmon | < 2.1.10-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/conmon?arch=aarch64&distro=almalinux-8.1 | almalinux | conmon | < 2.1.10-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/cockpit-podman?arch=noarch&distro=almalinux-8.1 | almalinux | cockpit-podman | < 84.1-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | noarch | |
Affected | pkg:rpm/almalinux/buildah?arch=x86_64&distro=almalinux-8.1 | almalinux | buildah | < 1.33.7-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/buildah?arch=aarch64&distro=almalinux-8.1 | almalinux | buildah | < 1.33.7-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/buildah-tests?arch=x86_64&distro=almalinux-8.1 | almalinux | buildah-tests | < 1.33.7-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/buildah-tests?arch=aarch64&distro=almalinux-8.1 | almalinux | buildah-tests | < 1.33.7-2.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | aarch64 | |
Affected | pkg:rpm/almalinux/aardvark-dns?arch=x86_64&distro=almalinux-8.1 | almalinux | aardvark-dns | < 1.10.0-1.module_el8.10.0+3858+6ad51f9f | almalinux-8.1 | x86_64 | |
Affected | pkg:rpm/almalinux/aardvark-dns?arch=aarch64&distro=almalinux-8.1 | almalinux | aardvark-dns | < 1.10.0-1.module_el8.10.0+3792+03eaed9c | almalinux-8.1 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |