RockyLinux 8 : container-tools:4.0 (RLSA-2023:2802)

🗓️ 03 Dec 2025 00:00:00Reported by TenableType

RockyLinux 8 container-tools 4.0 has multiple vulnerabilities per RLSA-2023:2802 impacting Go and Podman.

Reporter	Title	Published	Views	Family All 2018
IBM Security Bulletins	Security Bulletin: CVE-2022-2879, CVE-2022-41715, CVE-2022-2880, CVE-2022-41717, CVE-2022-41716 may affect IBM CICS TX Advanced	16 Mar 202315:24	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Go may affect IBM CICS TX Standard	24 Feb 202310:43	–	ibm
IBM Security Bulletins	Security Bulletin:IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl, pcre2 and Golang Go	31 Aug 202216:17	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for Febuary 2023	10 Mar 202318:29	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Golang Go and Java SE might affect IBM Spectrum Copy Data Management (CVE-2022-41717, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843)	16 Mar 202318:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak System is vulnerable to multiple vulnerabilities in Golang Go	31 Mar 202314:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands and operator may be vulnerable to denial of service due to [CVE-2022-41717]	28 Apr 202311:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2022-1962	4 Nov 202217:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data is vulnerable to a variety of issues due to 3rd party software	27 Sep 202417:52	–	ibm

Source	Link
errata	www.errata.rockylinux.org/RLSA-2023:2802
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2023:2802.
##

include('compat.inc');

if (description)
{
  script_id(277186);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/21");

  script_cve_id(
    "CVE-2022-1705",
    "CVE-2022-1962",
    "CVE-2022-2989",
    "CVE-2022-27664",
    "CVE-2022-28131",
    "CVE-2022-30630",
    "CVE-2022-30631",
    "CVE-2022-30632",
    "CVE-2022-30633",
    "CVE-2022-30635",
    "CVE-2022-32148",
    "CVE-2022-32189",
    "CVE-2022-41717",
    "CVE-2023-0778"
  );
  script_xref(name:"IAVB", value:"2022-B-0059-S");
  script_xref(name:"IAVB", value:"2023-B-0080-S");
  script_xref(name:"RLSA", value:"2023:2802");
  script_xref(name:"IAVB", value:"2022-B-0025-S");

  script_name(english:"RockyLinux 8 : container-tools:4.0 (RLSA-2023:2802)");

  script_set_attribute(attribute:"synopsis", value:
"The remote RockyLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2023:2802 advisory.

    * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)

    * golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)

    * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)

    * golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)

    * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)

    * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

    * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)

    * golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)

    * golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)

    * golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)

    * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

    * podman: symlink exchange attack in podman export volume (CVE-2023-0778)

    * podman: possible information disclosure and modification (CVE-2022-2989)

    * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short,
    potentially allowing a denial of service (CVE-2022-32189)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2023:2802");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107342");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107371");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107374");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107376");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107383");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107386");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107388");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107390");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2107392");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2113814");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2121445");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2124669");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2161274");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168256");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0778");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-2989");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/11/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/12/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:cockpit-podman");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:crit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:criu-libs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libslirp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libslirp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libslirp-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libslirp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:oci-seccomp-bpf-hook");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:oci-seccomp-bpf-hook-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:oci-seccomp-bpf-hook-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:python3-criu");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Rocky Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Rocky Linux' >!< os_product) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
if (! preg(pattern:"^8([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'RockyLinux 8.x', 'Rocky Linux ' + os_version);

if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);

var module_ver = get_kb_item('Host/RockyLinux/appstream/container-tools');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:4.0');
if ('4.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);

var constraints = {
  'container-tools:4.0': [
    {
      'release': '8',
      'pkgs': [
        {'reference':'cockpit-podman-46-1.module+el8.9.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
        {'reference':'crit-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'crit-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-debuginfo-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-debuginfo-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-debugsource-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-debugsource-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-devel-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-devel-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-libs-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-libs-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-libs-debuginfo-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'criu-libs-debuginfo-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-4.4.0-1.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-4.4.0-1.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-debuginfo-4.4.0-1.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-debuginfo-4.4.0-1.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-debugsource-4.4.0-1.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-debugsource-4.4.0-1.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-devel-4.4.0-1.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'libslirp-devel-4.4.0-1.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-debuginfo-1.2.5-2.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-debuginfo-1.2.5-2.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-debugsource-1.2.5-2.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'oci-seccomp-bpf-hook-debugsource-1.2.5-2.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'python3-criu-3.15-3.module+el8.9.0', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
        {'reference':'python3-criu-3.15-3.module+el8.9.0', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
      ]
    }
  ]
};

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
var appstreams_found = 0;
var appstream;
var appstream_name;
var appstream_version;
foreach var module (keys(constraints)) {
  appstream = NULL;
  appstream_name = NULL;
  appstream_version = NULL;
  appstream_split = split(module, sep:':', keep:FALSE);
  if (!empty_or_null(appstream_split)) {
    appstream_name = appstream_split[0];
    appstream_version = appstream_split[1];
    if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RockyLinux/appstream/' + appstream_name);
  }
  if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
    appstreams_found++;
    foreach var module_array ( constraints[module] ) {
      # Check that the target release is equal to the affected release
      if (!empty_or_null(module_array['release'])){
        if (module_array['release'] != os_release) continue;
      }
      if (!empty_or_null(module_array['sp'])){
        if (module_array['sp'] != os_sp) continue;
      }
      foreach var package_array ( module_array['pkgs'] ) {
        reference = NULL;
        sp = NULL;
        _cpu = NULL;
        el_string = NULL;
        rpm_spec_vers_cmp = NULL;
        epoch = NULL;
        allowmaj = NULL;
        exists_check = NULL;
        cves = NULL;
        if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
        if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
        if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
        if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
        if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
        if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
        if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
        if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
        if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
        if (reference &&
            (!exists_check || rpm_exists(rpm:exists_check)) &&
            rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
      }
    }
  }
}

if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:4.0');
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-podman / crit / criu / criu-debuginfo / criu-debugsource / etc');
}

21 Jan 2026 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 3.17.5

EPSS0.00331

SSVC