CVE-2024-9341 affecting package cri-o for versions less than 1.22.3-9

🗓️ 14 Jan 2025 00:27:51Reported by CBL MarinerType

cbl_mariner

cbl_mariner👁 7 Views

CVE-2024-9341 affects cri-o versions below 1.22.3-9; a patched version is available.

Reporter	Title	Published	Views	Family All 256
IBM Security Bulletins	Security Bulletin: Additional security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2025.	3 May 202505:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to gcc, github.com/opencontainers/runc and github.com/containers/common (CVE-2024-45310, CVE-2020-11023, CVE-2024-9341)	25 Mar 202512:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak	9 Jun 202519:01	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.	5 Jun 202506:12	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0241: container-tools:rhel8 (ALINUX3-SA-2024:0241)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : podman (ALSA-2024:8039)	15 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : buildah (ALSA-2024:8112)	16 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8846)	6 Nov 202400:00	–	nessus
Tenable Nessus	Fedora 40 : buildah / podman (2024-054752ae69)	12 Nov 202400:00	–	nessus
Tenable Nessus	Fedora 41 : buildah / podman (2024-2e8c63e8bf)	14 Nov 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
CBL-Mariner	2.0	all	cri-o	1.22.3-9	UNKNOWN

14 Jan 2025 00:27Current

7High risk

Vulners AI Score7

CVSS 3.15.4 - 8.2

EPSS0.0099

SSVC

cve 2024 9341 cri-o package patched version