[RLSA-2021:4154] container-tools:rhel8 security, bug fix, and enhancement update

Severity Moderate
Affected Packages 16
CVEs 2

An update is available for fuse-overlayfs, container-selinux, udica, containers-common, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, python-podman, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • buildah: Host environment variables leaked in build container when using chroot isolation (CVE-2021-3602)

  • containers/storage: DoS via malicious image (CVE-2021-20291)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.

Package Affected Version
pkg:rpm/rockylinux/slirp4netns?arch=x86_64&distro=rockylinux-8.7 < 1.1.8-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/slirp4netns?arch=aarch64&distro=rockylinux-8.7 < 1.1.8-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/python3-criu?arch=x86_64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/python3-criu?arch=aarch64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/libslirp?arch=x86_64&distro=rockylinux-8.7 < 4.4.0-1.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/libslirp?arch=aarch64&distro=rockylinux-8.7 < 4.4.0-1.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/libslirp-devel?arch=x86_64&distro=rockylinux-8.7 < 4.4.0-1.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/libslirp-devel?arch=aarch64&distro=rockylinux-8.7 < 4.4.0-1.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu?arch=x86_64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu?arch=aarch64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu-libs?arch=x86_64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu-libs?arch=aarch64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu-devel?arch=x86_64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/criu-devel?arch=aarch64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/crit?arch=x86_64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
pkg:rpm/rockylinux/crit?arch=aarch64&distro=rockylinux-8.7 < 3.15-3.module+el8.7.0+1077+0e4f03d4
References:

Source ID URL
CVE CVE-2021-20291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20291
CVE CVE-2021-3602 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3602
Bugzilla 1914687 https://bugzilla.redhat.com/show_bug.cgi?id=1914687
Bugzilla 1928935 https://bugzilla.redhat.com/show_bug.cgi?id=1928935
Bugzilla 1932399 https://bugzilla.redhat.com/show_bug.cgi?id=1932399
Bugzilla 1933775 https://bugzilla.redhat.com/show_bug.cgi?id=1933775
Bugzilla 1933776 https://bugzilla.redhat.com/show_bug.cgi?id=1933776
Bugzilla 1934415 https://bugzilla.redhat.com/show_bug.cgi?id=1934415
Bugzilla 1934480 https://bugzilla.redhat.com/show_bug.cgi?id=1934480
Bugzilla 1937641 https://bugzilla.redhat.com/show_bug.cgi?id=1937641
Bugzilla 1937830 https://bugzilla.redhat.com/show_bug.cgi?id=1937830
Bugzilla 1939485 https://bugzilla.redhat.com/show_bug.cgi?id=1939485
Bugzilla 1940037 https://bugzilla.redhat.com/show_bug.cgi?id=1940037
Bugzilla 1940054 https://bugzilla.redhat.com/show_bug.cgi?id=1940054
Bugzilla 1940082 https://bugzilla.redhat.com/show_bug.cgi?id=1940082
Bugzilla 1940493 https://bugzilla.redhat.com/show_bug.cgi?id=1940493
Bugzilla 1941380 https://bugzilla.redhat.com/show_bug.cgi?id=1941380
Bugzilla 1947432 https://bugzilla.redhat.com/show_bug.cgi?id=1947432
Bugzilla 1947999 https://bugzilla.redhat.com/show_bug.cgi?id=1947999
Bugzilla 1952204 https://bugzilla.redhat.com/show_bug.cgi?id=1952204
Bugzilla 1952698 https://bugzilla.redhat.com/show_bug.cgi?id=1952698
Bugzilla 1957299 https://bugzilla.redhat.com/show_bug.cgi?id=1957299
Bugzilla 1957840 https://bugzilla.redhat.com/show_bug.cgi?id=1957840
Bugzilla 1957904 https://bugzilla.redhat.com/show_bug.cgi?id=1957904
Bugzilla 1958353 https://bugzilla.redhat.com/show_bug.cgi?id=1958353
Bugzilla 1960948 https://bugzilla.redhat.com/show_bug.cgi?id=1960948
Bugzilla 1966538 https://bugzilla.redhat.com/show_bug.cgi?id=1966538
Bugzilla 1966872 https://bugzilla.redhat.com/show_bug.cgi?id=1966872
Bugzilla 1969264 https://bugzilla.redhat.com/show_bug.cgi?id=1969264
Bugzilla 1972150 https://bugzilla.redhat.com/show_bug.cgi?id=1972150
Bugzilla 1972209 https://bugzilla.redhat.com/show_bug.cgi?id=1972209
Bugzilla 1972211 https://bugzilla.redhat.com/show_bug.cgi?id=1972211
Bugzilla 1972282 https://bugzilla.redhat.com/show_bug.cgi?id=1972282
Bugzilla 1972648 https://bugzilla.redhat.com/show_bug.cgi?id=1972648
Bugzilla 1973418 https://bugzilla.redhat.com/show_bug.cgi?id=1973418
Bugzilla 1976283 https://bugzilla.redhat.com/show_bug.cgi?id=1976283
Bugzilla 1977280 https://bugzilla.redhat.com/show_bug.cgi?id=1977280
Bugzilla 1977673 https://bugzilla.redhat.com/show_bug.cgi?id=1977673
Bugzilla 1978415 https://bugzilla.redhat.com/show_bug.cgi?id=1978415
Bugzilla 1978556 https://bugzilla.redhat.com/show_bug.cgi?id=1978556
Bugzilla 1978647 https://bugzilla.redhat.com/show_bug.cgi?id=1978647
Bugzilla 1979497 https://bugzilla.redhat.com/show_bug.cgi?id=1979497
Bugzilla 1980212 https://bugzilla.redhat.com/show_bug.cgi?id=1980212
Bugzilla 1982593 https://bugzilla.redhat.com/show_bug.cgi?id=1982593
Bugzilla 1982762 https://bugzilla.redhat.com/show_bug.cgi?id=1982762
Bugzilla 1985499 https://bugzilla.redhat.com/show_bug.cgi?id=1985499
Bugzilla 1985905 https://bugzilla.redhat.com/show_bug.cgi?id=1985905
Bugzilla 1987049 https://bugzilla.redhat.com/show_bug.cgi?id=1987049
Bugzilla 1993209 https://bugzilla.redhat.com/show_bug.cgi?id=1993209
Bugzilla 1993249 https://bugzilla.redhat.com/show_bug.cgi?id=1993249
Bugzilla 1995041 https://bugzilla.redhat.com/show_bug.cgi?id=1995041
Bugzilla 1998191 https://bugzilla.redhat.com/show_bug.cgi?id=1998191
Bugzilla 1999144 https://bugzilla.redhat.com/show_bug.cgi?id=1999144
Bugzilla 2000943 https://bugzilla.redhat.com/show_bug.cgi?id=2000943
Bugzilla 2004562 https://bugzilla.redhat.com/show_bug.cgi?id=2004562
Bugzilla 2005018 https://bugzilla.redhat.com/show_bug.cgi?id=2005018
Self RLSA-2021:4154 https://errata.rockylinux.org/RLSA-2021:4154