Lucene search
OracleLinuxELSA-2024-3968HistoryJun 18, 2024 - 12:00 a.m.
container-tools:ol8 bug fix and enhancement update
2024-06-1800:00:00
linux.oracle.com
2
update
container tools
ol8
aardvark dns
buildah
cockpit podman
conmon
containernetworking plugins
containers common
container selinux
criu
crun
security
bug fix
enhancement
release
github
jira
rhel-2110
rhel-28725
rhel-25557
rhel-18390
rhel-12277
rhel-32671
rhel-32671
2176055
2175794.
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.2%
aardvark-dns
[2:1.10.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
buildah
[2:1.33.7-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/997beea) - Resolves: RHEL-28725
cockpit-podman
[84.1-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557
[84-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84
- Related: Jira:RHEL-2110
[83-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/83
- Related: Jira:RHEL-2110
[82-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/82
- Related: Jira:RHEL-2110
[81-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/81
- Related: Jira:RHEL-2110
[80-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/80
- Related: Jira:RHEL-2110
[79-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/79
- Related: Jira:RHEL-2110
[78-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/78
- Related: Jira:RHEL-2110
[77-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/77
- Related: Jira:RHEL-2110
[75-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/75
- Related: #2176055
conmon
[3:2.1.10-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110
[3:2.1.8-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.8
- Related: #2176055
containernetworking-plugins
[1:1.4.0-2] - rebuild
- Resolves: RHEL-18390
[1:1.4.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0
- Related: Jira:RHEL-2110
containers-common
[2:1-81.0.1] - Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
[2:1-81] - Update shortnames from Pyxis
- Related: Jira:RHEL-2110
[2:1-80] - bump release to preserve upgrade path
- Resolves: Jira:RHEL-12277
container-selinux
[2:2.229.0-2] - remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110
[2:2.229.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.229.0
- Related: Jira:RHEL-2110
[2:2.228.1-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.228.1
- Related: Jira:RHEL-2110
[2:2.228.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.228.0
- Related: Jira:RHEL-2110
[2:2.227.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.227.0
- Related: Jira:RHEL-2110
[2:2.226.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.226.0
- remove dependency on policycoreutils-python-utils as it pulls in python
- Related: Jira:RHEL-2110
[2:2.224.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.224.0
- Related: Jira:RHEL-2110
[2:2.222.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.222.0
- Related: Jira:RHEL-2110
criu
[3.18-5] - rebuild to preserve upgrade path
- Related: RHEL-32671
[3.18-4] - switch to egg-info on 8.9
- Related: #2176055
[3.18-3] - remove --progress-bar option
- Related: #2176055
[3.18-2] - update to 3.18
- Related: #2176055
[3.17-1] - update to 3.17
- Resolves: #2175794
crun
[1.14.3-2] - remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110
[1.14.3-1] - update to https://github.com/containers/crun/releases/tag/1.14.3
- Related: Jira:RHEL-2110
[1.14.1-1] - update to https://github.com/containers/crun/releases/tag/1.14.1
- Related: Jira:RHEL-2110
[1.14-1] - update to https://github.com/containers/crun/releases/tag/1.14
- Related: Jira:RHEL-2110
[1.13-1] - update to https://github.com/containers/crun/releases/tag/1.13
- Related: Jira:RHEL-2110
[1.12-1] - update to https://github.com/containers/crun/releases/tag/1.12
- Related: Jira:RHEL-2110
[1.11.2-1] - update to https://github.com/containers/crun/releases/tag/1.11.2
- Related: Jira:RHEL-2110
[1.11.1-1] - update to https://github.com/containers/crun/releases/tag/1.11.1
- Related: Jira:RHEL-2110
[1.11-1] - update to https://github.com/containers/crun/releases/tag/1.11
- Related: Jira:RHEL-2110
[1.9.2-1] - update to https://github.com/containers/crun/releases/tag/1.9.2
- Related: Jira:RHEL-2110
[1.9.1-1] - update to https://github.com/containers/crun/releases/tag/1.9.1
- Related: Jira:RHEL-2110
[1.9-1] - update to https://github.com/containers/crun/releases/tag/1.9
- Related: Jira:RHEL-2110
fuse-overlayfs
[1.13-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110
libslirp
[4.4.0-2] - rebuild to preserve upgrade path 8.9 -> 8.10
- Related: RHEL-32671
netavark
[2:1.10.3-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.3
- Related: Jira:RHEL-2110
[2:1.10.2-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.2
- Related: Jira:RHEL-2110
[2:1.10.1-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.1
- Related: Jira:RHEL-2110
[2:1.10.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-2] - fix directory for systemd units
- Related: Jira:RHEL-2110
[2:1.8.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
oci-seccomp-bpf-hook
[1.2.10-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110
podman
[4:4.9.4-3.0.1] - Add devices on container startup, not on creation
[4:4.9.4-3] - BR: /usr/bin/man
- Related: RHEL-28727
[4:4.9.4-2] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/6464b2c) - Resolves: RHEL-28727
python-podman
[4.9.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.9.0
- Related: Jira:RHEL-2110
[4.8.2-1] - update to https://github.com/containers/podman-py/releases/tag/v4.8.2
- Related: Jira:RHEL-2110
[4.8.0.post1-1] - update to https://github.com/containers/podman-py/releases/tag/v4.8.0.post1
- Related: Jira:RHEL-2110
[4.7.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.7.0
- Related: Jira:RHEL-2110
runc
skopeo
[2:1.14.3-2] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
(https://github.com/containers/skopeo/commit/5f2b9af) - Resolves: RHEL-28728
[2:1.14.3-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
(https://github.com/containers/skopeo/commit/4a2bc3a) - Resolves: RHEL-28226
slirp4netns
[1.2.3-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110
[1.2.2-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2
- Related: Jira:RHEL-2110
udica
[0.2.6-21] - bump release to preserve update path
- Resolves: RHEL-32671
[0.2.6-20] - bump release to preserve update path
- Related: #2139052
Related
osv
osv
Moderate: container-tools:rhel8 bug fix and enhancement update
2024-06-18 00:00:00
Moderate: podman security and bug fix update
2024-06-14 14:00:40
Moderate: podman security and bug fix update
2024-06-11 00:00:00
openvas
openvas
Fedora: Security Advisory for apptainer (FEDORA-2024-453ee0b3b9)
2024-03-25 00:00:00
Fedora: Security Advisory for podman-tui (FEDORA-2024-831bad8f8f)
2024-04-03 00:00:00
Fedora: Security Advisory for podman-tui (FEDORA-2024-529fe8a802)
2024-04-03 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: podman-tui-1.0.0-1.fc39
2024-03-30 01:09:53
[SECURITY] Fedora 38 Update: podman-tui-1.0.0-1.fc38
2024-03-30 01:44:44
[SECURITY] Fedora 39 Update: apptainer-1.3.0-1.fc39
2024-03-22 01:16:30
nessus
nessus
RHEL 8 : container-tools:rhel8 update (Moderate) (RHSA-2024:3968)
2024-06-18 00:00:00
Fedora 39 : apptainer (2024-453ee0b3b9)
2024-03-22 00:00:00
Fedora 38 : podman-tui (2024-529fe8a802)
2024-03-30 00:00:00
almalinux
almalinux
Moderate: container-tools:rhel8 bug fix and enhancement update
2024-06-18 00:00:00
Moderate: podman security and bug fix update
2024-06-11 00:00:00
Moderate: buildah security and bug fix update
2024-06-11 00:00:00
oraclelinux
oraclelinux
podman security and bug fix update
2024-06-11 00:00:00
buildah security and bug fix update
2024-06-11 00:00:00
skopeo security and bug fix update
2024-05-07 00:00:00
rocky
rocky
buildah security and bug fix update
2024-06-14 14:00:40
podman security and bug fix update
2024-06-14 14:00:40
skopeo security and bug fix update
2024-05-10 14:32:42
cbl_mariner
cbl_mariner
CVE-2024-28180 affecting package cri-o for versions less than 1.30.1-1
2024-06-21 09:32:44
CVE-2024-28180 affecting package keda for versions less than 2.14.0-1
2024-05-17 21:38:35
CVE-2024-28180 affecting package cri-o for versions less than 1.21.7-2
2024-04-30 01:31:53
veracode
veracode
Denial Of Service (DoS)
2024-03-08 07:28:34
Data Amplification
2024-03-08 10:52:31
github
github
prion
prion
Code injection
2024-03-09 01:15:00
Code injection
2024-03-09 01:15:00
debiancve
debiancve
CVE-2024-28180
2024-03-09 01:15:07
alpinelinux
alpinelinux
CVE-2024-28180
2024-03-09 01:15:07
redhatcve
redhatcve
CVE-2024-28180
2024-03-10 20:42:26
CVE-2024-28176
2024-03-10 20:07:12
ubuntucve
ubuntucve
CVE-2024-28180
2024-03-09 00:00:00
CVE-2024-28176
2024-03-09 00:00:00
cve
cve
CVE-2024-28180
2024-03-09 01:15:07
CVE-2024-28176
2024-03-09 01:15:07
redhat
redhat
cgr
cgr
CVE-2024-28180 vulnerabilities
2024-05-19 03:07:16
CVE-2024-28176 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2024-28180 vulnerabilities
2024-06-26 21:08:32
CVE-2024-28176 vulnerabilities
2024-06-26 21:08:32
cvelist
cvelist
nvd
nvd
CVE-2024-28180
2024-03-09 01:15:07
CVE-2024-28176
2024-03-09 01:15:07
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.2%
Related for ELSA-2024-3968