[ELSA-2024-12329] cri-o security update
Severity
Important
Affected Packages
22
CVEs
2
cri-o
[1.25.5-2]
- Address CVE-2024-24786
cri-tools
[1.25.0-4]
- Address CVE-2024-24786
etcd
[3.5.9-4]
- Address protobuf [CVE-2024-24786]
[3.5.9-3]
- Address CVE-2023-39326 by upgrading golang to version 1.20.12
istio
[1.16.7-4]
- Address protobuf [CVE-2024-24786]
- Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
kubernetes
[1.25.16-2]
- Fixed CoreDNS version check
olcne
[1.6.7-3]
- Fixed unable to deploy new module(s) using config file containing already existing modules
- Update Istio-1.16.7 to address CVE-2024-24786, CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
- Update Kubernetes-1.25.16 and components to address CVE-2024-24786
- ID
- ELSA-2024-12329
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12329.html
- Published
-
2024-04-16T00:00:00
(4 months ago) - Modified
-
2024-04-16T00:00:00
(4 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
-
ALAS2-2024-2550
-
ALAS2-2024-2568
-
ALAS2-2024-2618
-
ALPINE:CVE-2024-24786
-
ALSA-2024:2548
-
ALSA-2024:2549
-
ALSA-2024:2550
-
ALSA-2024:3254
-
ALSA-2024:4246
-
ELSA-2024-12328
-
ELSA-2024-12347
-
ELSA-2024-12348
-
ELSA-2024-2548
-
ELSA-2024-2549
-
ELSA-2024-2550
-
ELSA-2024-3254
-
ELSA-2024-4246
-
FEDORA-2024-5bae6c0ea7
-
GLSA-202407-12
-
GLSA-202407-25
-
GO-2024-2611
-
RHSA-2024:1874
-
RHSA-2024:2548
-
RHSA-2024:2549
-
RHSA-2024:2550
-
RHSA-2024:3254
-
RHSA-2024:4246
-
RLSA-2024:2548
-
RLSA-2024:2549
-
RLSA-2024:2550
-
SUSE-SU-2024:2031-1
-
SUSE-SU-2024:2050-1
-
SUSE-SU-2024:2050-2
-
SUSE-SU-2024:2090-1
-
SUSE-SU-2024:3094-1
-
SUSE-SU-2024:3097-1
-
SUSE-SU-2024:3098-1
-
SUSE-SU-2024:3120-1
-
USN-6746-1
-
USN-6746-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2024-12329 |
|
|
| CVE | CVE-2024-23327 |
|
|
| CVE | CVE-2024-24786 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-7 | oraclelinux |
 olcnectl
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-7 | oraclelinux |
olcne-utils
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-7 | oraclelinux |
olcne-prometheus-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-7 | oraclelinux |
olcne-olm-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-7 | oraclelinux |
olcne-oci-ccm-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-7 | oraclelinux |
olcne-nginx
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-7 | oraclelinux |
olcne-multus-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-7 | oraclelinux |
olcne-metallb-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-7 | oraclelinux |
olcne-istio-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-7 | oraclelinux |
olcne-grafana-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-7 | oraclelinux |
olcne-gluster-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-7 | oraclelinux |
olcne-calico-chart
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-7 | oraclelinux |
olcne-api-server
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-7 | oraclelinux |
olcne-agent
|
< 1.6.7-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7 | oraclelinux |
kubelet
|
< 1.25.16-2.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7 | oraclelinux |
kubectl
|
< 1.25.16-2.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7 | oraclelinux |
kubeadm
|
< 1.25.16-2.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/istio?distro=oraclelinux-7 | oraclelinux |
istio
|
< 1.16.7-4.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-7 | oraclelinux |
istio-istioctl
|
< 1.16.7-4.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/etcd?distro=oraclelinux-7 | oraclelinux |
etcd
|
< 3.5.9-4.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-7 | oraclelinux |
cri-tools
|
< 1.25.0-4.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-7 | oraclelinux |
cri-o
|
< 1.25.5-2.el7 | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |