[ELSA-2024-12347] cri-o security update
Severity
Important
Affected Packages
24
CVEs
2
cri-o
[1.26.4-2]
- Address CVE-2024-24786
cri-tools
[1.26.1-5]
- Address CVE-2024-24786
etcd
[3.5.10-3]
- Address protobuf [CVE-2024-24786]
[3.5.10-1]
- Added Oracle specific build files
istio
[1.17.8-3]
- Address protobuf [CVE-2024-24786]
- Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
kubernetes
[1.26.15-1]
- Added Oracle specific build files for Kubernetes
olcne
[1.7.7-2]
- Fixed unable to deploy new module(s) using config file containing already existing modules
- Update Istio-1.17.8 to address CVE-2024-24786, CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
- Update Kubernetes-1.26.15 and components to address CVE-2024-24786
- ID
- ELSA-2024-12347
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12347.html
- Published
-
2024-04-26T00:00:00
(4 months ago) - Modified
-
2024-04-26T00:00:00
(4 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS2-2024-2550
- ALAS2-2024-2568
- ALAS2-2024-2618
- ALPINE:CVE-2024-24786
- ALSA-2024:2548
- ALSA-2024:2549
- ALSA-2024:2550
- ALSA-2024:3254
- ALSA-2024:4246
- ELSA-2024-12328
- ELSA-2024-12329
- ELSA-2024-12348
- ELSA-2024-2548
- ELSA-2024-2549
- ELSA-2024-2550
- ELSA-2024-3254
- ELSA-2024-4246
- FEDORA-2024-5bae6c0ea7
- GLSA-202407-12
- GLSA-202407-25
- GO-2024-2611
- RHSA-2024:1874
- RHSA-2024:2548
- RHSA-2024:2549
- RHSA-2024:2550
- RHSA-2024:3254
- RHSA-2024:4246
- RLSA-2024:2548
- RLSA-2024:2549
- RLSA-2024:2550
- SUSE-SU-2024:2031-1
- SUSE-SU-2024:2050-1
- SUSE-SU-2024:2050-2
- SUSE-SU-2024:2090-1
- SUSE-SU-2024:3094-1
- SUSE-SU-2024:3097-1
- SUSE-SU-2024:3098-1
- SUSE-SU-2024:3120-1
- USN-6746-1
- USN-6746-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-12347 | https://linux.oracle.com/errata/ELSA-2024-12347.html | |
CVE | CVE-2024-23327 | https://linux.oracle.com/cve/CVE-2024-23327.html | |
CVE | CVE-2024-24786 | https://linux.oracle.com/cve/CVE-2024-24786.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-9 | oraclelinux | olcnectl | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-9 | oraclelinux | olcne-utils | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-rook-chart?distro=oraclelinux-9 | oraclelinux | olcne-rook-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-9 | oraclelinux | olcne-prometheus-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-9 | oraclelinux | olcne-olm-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-9 | oraclelinux | olcne-oci-ccm-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-9 | oraclelinux | olcne-nginx | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-9 | oraclelinux | olcne-multus-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-9 | oraclelinux | olcne-metallb-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-kubevirt-chart?distro=oraclelinux-9 | oraclelinux | olcne-kubevirt-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-9 | oraclelinux | olcne-istio-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-9 | oraclelinux | olcne-grafana-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-9 | oraclelinux | olcne-gluster-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-9 | oraclelinux | olcne-calico-chart | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-9 | oraclelinux | olcne-api-server | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-9 | oraclelinux | olcne-agent | < 1.7.7-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-9 | oraclelinux | kubelet | < 1.26.15-1.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-9 | oraclelinux | kubectl | < 1.26.15-1.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-9 | oraclelinux | kubeadm | < 1.26.15-1.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/istio?distro=oraclelinux-9 | oraclelinux | istio | < 1.17.8-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-9 | oraclelinux | istio-istioctl | < 1.17.8-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/etcd?distro=oraclelinux-9 | oraclelinux | etcd | < 3.5.10-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-9 | oraclelinux | cri-tools | < 1.26.1-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-9 | oraclelinux | cri-o | < 1.26.4-2.el9 | oraclelinux-9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |