Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2023-6938
HistoryNov 18, 2023 - 12:00 a.m.

container-tools:4.0 security and bug fix update

2023-11-1800:00:00
linux.oracle.com
20
buildah
cockpit-podman
conmon
containernetworking-plugins
containers-common
container-selinux
criu
crun
fuse-overlayfs
libslirp
oci-seccomp-bpf-hook
podman
python-podman
runc
skopeo
unix
cve-2023-29406
cve-2022-41724
cve-2022-41725
cve-2023-24538
cve-2023-24534
cve-2023-24536
cve-2022-41723
cve-2023-24539
cve-2023-24540
related: #2176055
related: #2179943
related: #2187341
related: #2187359
related: #2203677
related: #2207505
related: #2061390
related: #2179944
related: #2187342
related: #2187360
related: #2203693
related: #2207506
orabug: 33473101

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

buildah
[1:1.24.6-7]

  • rebuild for CVE-2023-29406
  • Related: #2176055
    [1:1.24.6-6]
  • rebuild for following CVEs:
    CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
  • Resolves: #2179943
  • Resolves: #2187341
  • Resolves: #2187359
  • Resolves: #2203677
  • Resolves: #2207505
    cockpit-podman
    [46-1]
  • update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46
  • Related: #2061390
    conmon
    [2:2.1.4-2]
  • update to https://github.com/containers/conmon/releases/tag/v2.1.4
  • Related: #2176055
    containernetworking-plugins
    [1:1.1.1-5]
  • add Epoch in Provides
  • Related: #2176055
    [1:1.1.1-4]
  • rebuild for following CVEs:
    CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
  • Resolves: #2179944
  • Resolves: #2187342
  • Resolves: #2187360
  • Resolves: #2203693
  • Resolves: #2207506
    containers-common
    [1-38.0.1]
  • Updated removed references [Orabug: 33473101] (Alex Burmashev)
  • Adjust registries.conf (Nikita Gerasimov)
  • remove references to RedHat registry (Nikita Gerasimov)
    container-selinux
    [2:2.205.0-3]
  • fix build for stable module
  • Related: #2176055
    criu
    crun
    [1.8.3-1]
  • fix could not find symbol criu_set_lsm_mount_context in libcriu.so
  • Related: #2176055
    fuse-overlayfs
    [1.9-2]
  • update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9
  • Related: #2176055
    libslirp
    oci-seccomp-bpf-hook
    [1.2.5-2]
  • fix compatibility with the new bcc
  • Related: #2176055
    podman
    [2:4.0.2-24]
  • rebuild for CVE-2023-29406
  • Related: #2176055
    [2:4.0.2-23]
  • rebuild for following CVEs:
    CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
  • Resolves: #2179945
  • Resolves: #2187315
  • Resolves: #2187361
  • Resolves: #2203678
  • Resolves: #2207507
    python-podman
    [4.0.0-2]
  • bump to v4.0.0
  • Related: #2176055
    runc
    [1:1.1.5-2]
  • rebuild for following CVEs:
    CVE-2022-41724
  • Resolves: #2179971
    skopeo
    [2:1.6.2-8]
  • rebuild for following CVEs:
    CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
  • Resolves: #2179946
  • Resolves: #2187316
  • Resolves: #2187362
  • Resolves: #2203679
  • Resolves: #2207508
OSVersionArchitecturePackageVersionFilename
oracle linux8srcbuildah< 1.24.6-7.modulebuildah-1.24.6-7.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccockpit-podman< 46-1.modulecockpit-podman-46-1.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srcconmon< 2.1.4-2.moduleconmon-2.1.4-2.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccontainer-selinux< 2.205.0-3.modulecontainer-selinux-2.205.0-3.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccontainernetworking-plugins< 1.1.1-5.modulecontainernetworking-plugins-1.1.1-5.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccontainers-common< 1-38.0.1.modulecontainers-common-1-38.0.1.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccriu< 3.15-3.modulecriu-3.15-3.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srccrun< 1.8.3-1.modulecrun-1.8.3-1.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srcfuse-overlayfs< 1.9-2.modulefuse-overlayfs-1.9-2.module+el8.9.0+90044+a34bc939.src.rpm
oracle linux8srclibslirp< 4.4.0-1.modulelibslirp-4.4.0-1.module+el8.9.0+90044+a34bc939.src.rpm
Rows per page:
1-10 of 981

Related

nessus 83
almalinux 8
redhat 31
oraclelinux 8
osv 10
ubuntu 2
redos 1
openvas 22
ibm 17
mageia 4
freebsd 2
altlinux 4
amazon 6
photon 1
nessus
nessus
Oracle Linux 8 : container-tools:4.0 (ELSA-2023-6938)
2023-11-21 00:00:00
RHEL 8 : container-tools:4.0 (RHSA-2023:6938)
2023-11-14 00:00:00
RHEL 9 : skopeo (RHSA-2023:6363)
2023-11-07 00:00:00
almalinux
almalinux
Moderate: container-tools:4.0 security and bug fix update
2023-11-14 00:00:00
Moderate: skopeo security update
2023-11-07 00:00:00
Moderate: container-tools:rhel8 security and bug fix update
2023-11-14 00:00:00
redhat
redhat
(RHSA-2023:6938) Moderate: container-tools:4.0 security and bug fix update
2023-11-14 08:40:57
(RHSA-2023:6363) Moderate: skopeo security update
2023-11-07 06:03:10
(RHSA-2023:6346) Moderate: toolbox security and bug fix update
2023-11-07 06:02:23
oraclelinux
oraclelinux
container-tools:ol8 security and bug fix update
2023-11-18 00:00:00
skopeo security update
2023-11-11 00:00:00
containernetworking-plugins security and bug fix update
2023-11-11 00:00:00
osv
osv
Moderate: container-tools:4.0 security and bug fix update
2023-11-14 00:00:00
Moderate: container-tools:rhel8 security and bug fix update
2023-11-14 00:00:00
Moderate: skopeo security update
2023-11-07 00:00:00
ubuntu
ubuntu
Go vulnerabilities
2023-06-06 00:00:00
runC vulnerabilities
2023-05-18 00:00:00
redos
redos
ROS-20240418-06
2024-04-18 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2127-1)
2023-05-09 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2644)
2023-09-05 00:00:00
Ubuntu: Security Advisory (USN-6140-1)
2023-06-07 00:00:00
ibm
ibm
Security Bulletin: IBM Event Streams is affected by multiple Golang Go vulnerabilities
2023-07-25 06:06:32
Security Bulletin: Operations Dashboard is vulnerable to multiple vulnerabilities in Golang
2023-06-23 10:27:16
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-08-30 14:43:27
mageia
mageia
Updated golang packages fix security vulnerability
2023-04-15 22:03:44
Updated golang packages fix security vulnerability
2023-05-16 22:17:40
Updated opencontainers-runc packages fix security vulnerability
2023-04-07 00:20:12
freebsd
freebsd
go -- multiple vulnerabilities
2023-04-04 00:00:00
go -- multiple vulnerabilities
2023-02-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.19.8-alt1
2023-04-10 00:00:00
Security fix for the ALT Linux 10 package runc version 1.1.5-alt1
2023-04-20 00:00:00
Security fix for the ALT Linux 10 package golang version 1.19.9-alt1
2023-05-03 00:00:00
amazon
amazon
Important: amazon-ssm-agent
2023-10-12 15:09:00
Important: golang
2023-06-05 16:39:00
Important: golang
2023-04-13 19:28:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0425
2023-07-12 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON
Related for ELSA-2023-6938
nessus83almalinux8redhat31oraclelinux8osv10ubuntu2redos1openvas22ibm17mageia4freebsd2altlinux4amazon6photon1