[SUSE-SU-2024:0586-2] Security update for docker
Severity
Important
CVEs
3
Security update for docker
This update for docker fixes the following issues:
Vendor latest buildkit v0.11 including bugfixes for the following:
- CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438).
- CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268).
- CVE-2024-23651: Fixed race condition in mount (bsc#1219267).
- ID
- SUSE-SU-2024:0586-2
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20240586-2/
- Published
-
2024-04-04T13:13:53
(5 months ago) - Modified
-
2024-04-04T13:13:53
(5 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
ALPINE:CVE-2024-23651
GLSA-202407-12
GO-2024-2493
MS:CVE-2024-23651| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2024:0586-2 |
|
|
| Suse | E-Mail link for SUSE-SU-2024:0586-2 |
|
|
| Bugzilla | SUSE Bug 1219267 |
|
|
| Bugzilla | SUSE Bug 1219268 |
|
|
| Bugzilla | SUSE Bug 1219438 |
|
|
| CVE | SUSE CVE CVE-2024-23651 page |
|
|
| CVE | SUSE CVE CVE-2024-23652 page |
|
|
| CVE | SUSE CVE CVE-2024-23653 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |