[SUSE-SU-2022:2834-1] Security update for podman
Severity
Important
Affected Packages
10
CVEs
3
Security update for podman
This update for podman fixes the following issues:
Updated to version 3.4.7:
- CVE-2022-1227: Fixed an issue that could allow an attacker to publish
a malicious image to a public registry and run arbitrary code in the
victim's context via the 'podman top' command (bsc#1182428).
- CVE-2022-27191: Fixed a potential crash via SSH under specific
configurations (bsc#1197284).
- CVE-2022-21698: Fixed a potential denial of service that affected
servers that used Prometheus instrumentation (bsc#1196338).
| Package | Affected Version |
|---|---|
 pkg:rpm/suse/podman?arch=x86_64&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman?arch=s390x&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman?arch=ppc64le&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman?arch=aarch64&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-remote?arch=x86_64&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-remote?arch=s390x&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-remote?arch=ppc64le&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-remote?arch=aarch64&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-docker?arch=noarch&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
|
pkg:rpm/suse/podman-cni-config?arch=noarch&distro=opensuse-leap-15.4
|
< 3.4.7-150400.4.3.1 |
- ID
- SUSE-SU-2022:2834-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20222834-1/
- Published
-
2022-08-17T14:52:03
(2 years ago) - Modified
-
2022-08-17T14:52:03
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2022-1635
-
ALAS-2023-1825
-
ALAS2-2022-1846
-
ALAS2-2022-1847
-
ALAS2-2022-1858
-
ALAS2-2022-1859
-
ALAS2-2022-1860
-
ALAS2-2022-1861
-
ALAS2-2022-1862
-
ALAS2-2022-1863
-
ALAS2-2022-1864
-
ALAS2-2022-1865
-
ALAS2-2023-2238
-
ALPINE:CVE-2022-1227
-
ALPINE:CVE-2022-21698
-
ALPINE:CVE-2022-27191
-
ALSA-2022:1762
-
ALSA-2022:2143
-
ALSA-2022:7469
-
ALSA-2022:7519
-
ALSA-2022:7529
-
ALSA-2022:7954
-
ALSA-2022:8008
-
ALSA-2022:8057
-
ELSA-2022-1762
-
ELSA-2022-2143
-
ELSA-2022-7457
-
ELSA-2022-7469
-
ELSA-2022-7519
-
ELSA-2022-7529
-
ELSA-2022-7954
-
ELSA-2022-8008
-
ELSA-2022-8057
-
FEDORA-2022-08ae2dd481
-
FEDORA-2022-13ad572b5a
-
FEDORA-2022-14712f9699
-
FEDORA-2022-2067702f06
-
FEDORA-2022-30c5ed5625
-
FEDORA-2022-3969b64d4b
-
FEDORA-2022-396c568c5e
-
FEDORA-2022-3a63897745
-
FEDORA-2022-3e1ade35db
-
FEDORA-2022-4a48180f3f
-
FEDORA-2022-4b5537c44c
-
FEDORA-2022-5038c3236c
-
FEDORA-2022-53e0f427dd
-
FEDORA-2022-5cbd6de569
-
FEDORA-2022-5e637f6cc6
-
FEDORA-2022-5ef0bd9a27
-
FEDORA-2022-5f253807ce
-
FEDORA-2022-6043a7b938
-
FEDORA-2022-6716cd0da2
-
FEDORA-2022-6c4cb64314
-
FEDORA-2022-739c7a0058
-
FEDORA-2022-741325e9a0
-
FEDORA-2022-83405f9d5b
-
FEDORA-2022-8bf5635efc
-
FEDORA-2022-92ef43c439
-
FEDORA-2022-932d07be95
-
FEDORA-2022-9986fbb3d7
-
FEDORA-2022-9a9a638d09
-
FEDORA-2022-9dd03cab55
-
FEDORA-2022-a4c9009f3e
-
FEDORA-2022-a7d438b30b
-
FEDORA-2022-b0bd0219ff
-
FEDORA-2022-ba365d3703
-
FEDORA-2022-c5383675d9
-
FEDORA-2022-c87047f163
-
FEDORA-2022-d37fb34309
-
FEDORA-2022-e244ad73d6
-
FEDORA-2022-e674d52438
-
FEDORA-2022-ea8f4e232d
-
FEDORA-2022-eda0e65b01
-
FEDORA-2022-fae3ecee19
-
FEDORA-2023-e8c27ba884
-
FEDORA-2024-80e062d21a
-
FEDORA-2024-9cc0e0c63e
-
FEDORA-2024-d652859efb
-
GO-2021-0356
-
GO-2022-0322
-
GO-2022-0558
-
MS:CVE-2022-1227
-
MS:CVE-2022-21698
-
RHSA-2022:1762
-
RHSA-2022:2143
-
RHSA-2022:7457
-
RHSA-2022:7469
-
RHSA-2022:7519
-
RHSA-2022:7529
-
RHSA-2022:7954
-
RHSA-2022:8008
-
RHSA-2022:8057
-
RLSA-2022:1762
-
RLSA-2022:2143
-
RLSA-2022:7457
-
RLSA-2022:7469
-
RLSA-2022:7519
-
RLSA-2022:7529
-
RLSA-2022:8057
-
SUSE-SU-2022:1433-1
-
SUSE-SU-2022:1434-1
-
SUSE-SU-2022:1435-1
-
SUSE-SU-2022:1507-1
-
SUSE-SU-2022:1531-1
-
SUSE-SU-2022:1545-1
-
SUSE-SU-2022:1689-1
-
SUSE-SU-2022:2134-1
-
SUSE-SU-2022:2137-1
-
SUSE-SU-2022:2139-1
-
SUSE-SU-2022:2140-1
-
SUSE-SU-2022:2145-1
-
SUSE-SU-2022:2839-1
-
SUSE-SU-2022:2839-2
-
SUSE-SU-2022:3745-1
-
SUSE-SU-2022:3747-1
-
SUSE-SU-2022:4409-1
-
SUSE-SU-2022:4463-1
-
SUSE-SU-2023:2183-1
-
SUSE-SU-2023:2185-1
-
SUSE-SU-2023:2187-1
-
SUSE-SU-2023:2579-1
-
SUSE-SU-2024:0191-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2022:2834-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2022:2834-1 |
|
|
| Bugzilla | SUSE Bug 1182428 |
|
|
| Bugzilla | SUSE Bug 1196338 |
|
|
| Bugzilla | SUSE Bug 1197284 |
|
|
| CVE | SUSE CVE CVE-2022-1227 page |
|
|
| CVE | SUSE CVE CVE-2022-21698 page |
|
|
| CVE | SUSE CVE CVE-2022-27191 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/podman?arch=x86_64&distro=opensuse-leap-15.4 | suse |
podman
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/podman?arch=s390x&distro=opensuse-leap-15.4 | suse |
podman
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/podman?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
podman
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/podman?arch=aarch64&distro=opensuse-leap-15.4 | suse |
podman
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/podman-remote?arch=x86_64&distro=opensuse-leap-15.4 | suse |
podman-remote
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/podman-remote?arch=s390x&distro=opensuse-leap-15.4 | suse |
podman-remote
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/podman-remote?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
podman-remote
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/podman-remote?arch=aarch64&distro=opensuse-leap-15.4 | suse |
podman-remote
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/podman-docker?arch=noarch&distro=opensuse-leap-15.4 | suse |
podman-docker
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | noarch | |
| Affected | pkg:rpm/suse/podman-cni-config?arch=noarch&distro=opensuse-leap-15.4 | suse |
podman-cni-config
|
< 3.4.7-150400.4.3.1 | opensuse-leap-15.4 | noarch |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |