Lucene search

RedHatRHSA-2024:1994

HistoryApr 23, 2024 - 1:24 p.m.

(RHSA-2024:1994) Moderate: container-tools:rhel8 security update

2024-04-2313:24:37

access.redhat.com

rhsa-2024

container-tools

rhel8

security update

podman

golang.org

cve-2022-32149

parsing

complex tags

cvss score

acknowledgments

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

46.8%

JSON

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

podman: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyppc64lelibslirp-debuginfo< 4.4.0-1.module+el8.6.0+21266+3e24c7b3libslirp-debuginfo-4.4.0-1.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHatanyaarch64criu-devel< 3.15-3.module+el8.6.0+21266+3e24c7b3criu-devel-3.15-3.module+el8.6.0+21266+3e24c7b3.aarch64.rpm
RedHatanyx86_64podman-tests< 4.2.0-2.module+el8.6.0+21674+8010760fpodman-tests-4.2.0-2.module+el8.6.0+21674+8010760f.x86_64.rpm
RedHatanys390xrunc-debugsource< 1.1.12-1.module+el8.6.0+21266+3e24c7b3runc-debugsource-1.1.12-1.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHatanys390xpodman-catatonit< 4.2.0-2.module+el8.6.0+21674+8010760fpodman-catatonit-4.2.0-2.module+el8.6.0+21674+8010760f.s390x.rpm
RedHatanyppc64leskopeo-debuginfo< 1.9.1-1.module+el8.6.0+21266+3e24c7b3skopeo-debuginfo-1.9.1-1.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHatanyppc64lecriu-libs< 3.15-3.module+el8.6.0+21266+3e24c7b3criu-libs-3.15-3.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHatanys390xcriu< 3.15-3.module+el8.6.0+21266+3e24c7b3criu-3.15-3.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHatanys390xcrun-debugsource< 1.5-1.module+el8.6.0+21266+3e24c7b3crun-debugsource-1.5-1.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHatanyaarch64podman-remote< 4.2.0-2.module+el8.6.0+21674+8010760fpodman-remote-4.2.0-2.module+el8.6.0+21674+8010760f.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc64le	libslirp-debuginfo	< 4.4.0-1.module+el8.6.0+21266+3e24c7b3	libslirp-debuginfo-4.4.0-1.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHat	any	aarch64	criu-devel	< 3.15-3.module+el8.6.0+21266+3e24c7b3	criu-devel-3.15-3.module+el8.6.0+21266+3e24c7b3.aarch64.rpm
RedHat	any	x86_64	podman-tests	< 4.2.0-2.module+el8.6.0+21674+8010760f	podman-tests-4.2.0-2.module+el8.6.0+21674+8010760f.x86_64.rpm
RedHat	any	s390x	runc-debugsource	< 1.1.12-1.module+el8.6.0+21266+3e24c7b3	runc-debugsource-1.1.12-1.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHat	any	s390x	podman-catatonit	< 4.2.0-2.module+el8.6.0+21674+8010760f	podman-catatonit-4.2.0-2.module+el8.6.0+21674+8010760f.s390x.rpm
RedHat	any	ppc64le	skopeo-debuginfo	< 1.9.1-1.module+el8.6.0+21266+3e24c7b3	skopeo-debuginfo-1.9.1-1.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHat	any	ppc64le	criu-libs	< 3.15-3.module+el8.6.0+21266+3e24c7b3	criu-libs-3.15-3.module+el8.6.0+21266+3e24c7b3.ppc64le.rpm
RedHat	any	s390x	criu	< 3.15-3.module+el8.6.0+21266+3e24c7b3	criu-3.15-3.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHat	any	s390x	crun-debugsource	< 1.5-1.module+el8.6.0+21266+3e24c7b3	crun-debugsource-1.5-1.module+el8.6.0+21266+3e24c7b3.s390x.rpm
RedHat	any	aarch64	podman-remote	< 4.2.0-2.module+el8.6.0+21674+8010760f	podman-remote-4.2.0-2.module+el8.6.0+21674+8010760f.aarch64.rpm