[ELSA-2023-12578] buildah security update
Severity
Important
Affected Packages
32
CVEs
3
runc
[1:1.1.4-1.0.1]
- rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809
- rootfs: prohibit symlinks that conflicts with readonlyPaths
and/or maskedPaths to prevent CVE-2023-27561
- Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642
- JIRA: OLDIS-25589
- ID
- ELSA-2023-12578
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2023-12578.html
- Published
-
2023-07-19T00:00:00
(14 months ago) - Modified
-
2023-07-19T00:00:00
(14 months ago) - Rights
- Copyright 2023 Oracle, Inc.
- Other Advisories
-
- ALPINE:CVE-2023-25809
- ALPINE:CVE-2023-27561
- ALPINE:CVE-2023-28642
- ALSA-2023:6380
- ALSA-2023:6938
- ALSA-2023:6939
- ELSA-2023-12579
- ELSA-2023-6380
- ELSA-2023-6938
- ELSA-2023-6939
- FEDORA-2023-1ba499965f
- FEDORA-2023-1bcbb1db39
- FEDORA-2023-3cccbc4c95
- FEDORA-2023-6e6d9065e0
- FEDORA-2023-9edf2145fb
- GLSA-202408-25
- MS:CVE-2023-25809
- MS:CVE-2023-28642
- RHSA-2023:6380
- RHSA-2023:6938
- RHSA-2023:6939
- SUSE-SU-2023:1726-1
- SUSE-SU-2023:2003-1
- USN-6088-1
- USN-6088-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2023-12578 | https://linux.oracle.com/errata/ELSA-2023-12578.html | |
CVE | CVE-2023-28642 | https://linux.oracle.com/cve/CVE-2023-28642.html | |
CVE | CVE-2023-25809 | https://linux.oracle.com/cve/CVE-2023-25809.html | |
CVE | CVE-2023-27561 | https://linux.oracle.com/cve/CVE-2023-27561.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/udica?distro=oraclelinux-8.8 | oraclelinux | udica | < 0.2.6-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.8 | oraclelinux | slirp4netns | < 1.1.8-2.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.8 | oraclelinux | skopeo | < 1.6.2-6.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/skopeo-tests?distro=oraclelinux-8.8 | oraclelinux | skopeo-tests | < 1.6.2-6.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.8 | oraclelinux | runc | < 1.1.4-1.0.1.module+el8.8.0+21118+db7590d7 | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/python3-podman?distro=oraclelinux-8.8 | oraclelinux | python3-podman | < 4.0.0-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.8 | oraclelinux | python3-criu | < 3.15-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.8 | oraclelinux | podman | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-8.8 | oraclelinux | podman-tests | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-8.8 | oraclelinux | podman-remote | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-8.8 | oraclelinux | podman-plugins | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-gvproxy?distro=oraclelinux-8.8 | oraclelinux | podman-gvproxy | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.8 | oraclelinux | podman-docker | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/podman-catatonit?distro=oraclelinux-8.8 | oraclelinux | podman-catatonit | < 4.0.2-20.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/oci-seccomp-bpf-hook?distro=oraclelinux-8.8 | oraclelinux | oci-seccomp-bpf-hook | < 1.2.5-2.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/netavark?distro=oraclelinux-8.8 | oraclelinux | netavark | < 1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/libslirp?distro=oraclelinux-8.8 | oraclelinux | libslirp | < 4.4.0-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/libslirp-devel?distro=oraclelinux-8.8 | oraclelinux | libslirp-devel | < 4.4.0-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.8 | oraclelinux | fuse-overlayfs | < 1.9-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/crun?distro=oraclelinux-8.8 | oraclelinux | crun | < 1.6-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.8 | oraclelinux | criu | < 3.15-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/criu-libs?distro=oraclelinux-8.8 | oraclelinux | criu-libs | < 3.15-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/criu-devel?distro=oraclelinux-8.8 | oraclelinux | criu-devel | < 3.15-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.8 | oraclelinux | crit | < 3.15-3.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.8 | oraclelinux | containers-common | < 1-37.0.1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.8 | oraclelinux | containernetworking-plugins | < 1.1.1-2.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.8 | oraclelinux | container-selinux | < 2.199.0-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8.8 | oraclelinux | conmon | < 2.1.4-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/cockpit-podman?distro=oraclelinux-8.8 | oraclelinux | cockpit-podman | < 46-1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.8 | oraclelinux | buildah | < 1.24.6-5.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-8.8 | oraclelinux | buildah-tests | < 1.24.6-5.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 | ||
Affected | pkg:rpm/oraclelinux/aardvark-dns?distro=oraclelinux-8.8 | oraclelinux | aardvark-dns | < 1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c | oraclelinux-8.8 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |