SUSE-SU-2025:20056-1 Security update for docker
This update for docker fixes the following issues: Security fixes: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) - CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268) - CVE-2024-23653: Fixed insufficient validation on...
SUSE-SU-2025:0226-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration (bsc#1234089). - CVE-2024-23650: Fixed possible BuildKit daemon crash via malicious BuildKit client or frontend request...
Security update for docker-stable
This update for docker-stable fixes the following issues: - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration (bsc#1234089). - CVE-2024-23650: Fixed possible BuildKit daemon crash via malicious BuildKit client or frontend request...
SUSE SLES15 / openSUSE 15 Security Update : docker-stable (SUSE-SU-2024:4204-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4204-1 advisory. - CVE-2024-41110: Fixed Authz zero length regression (bsc#1228324). Bug fixes: - Allow users to disable SUSE secrets support by...
Security update for docker-stable
This update for docker-stable fixes the following issues: - CVE-2024-41110: Fixed Authz zero length regression (bsc#1228324). Bug fixes: - Allow users to disable SUSE secrets support by setting DOCKER_SUSE_SECRETS_ENABLE=0 in /etc/sysconfig/docker (bsc#1231348). - Import specfile changes for docker-buildx as we...
CVE-2024-36621
moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion...
CVE-2024-36623
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes...
Astra Linux - vulnerability in libpod
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoi...
Container vulnerabilities in Brocade SANnav docker containers (CVE-2024-23653 & CVE-2024-21626)
Brocade Security is aware of multiple vulnerabilities affecting Brocade SANnav docker container CVE-2024-23653 & CVE-2024-21626. CVE-2024-23653: Interactive containers API does not validate entitlements check. Description: Buildkit GRPC Security Mode privilege check: Build-time container breakout...
Malicious code in buildkit-discourse-integration (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 386870ecb90240b5c6c802a2a051da4b8eafa7a293f6c17ca1bfe46cbf8eb733 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10242 Malicious code in buildkit-discourse-integration (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 386870ecb90240b5c6c802a2a051da4b8eafa7a293f6c17ca1bfe46cbf8eb733 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security Bulletin: Vulnerabilities in Moby BuildKit affect IBM watsonx.data
Summary Moby BuildKit could allow a remote attacker to bypass security restrictions, allow a remote attacker to traverse directories on the system, or allow a remote attacker to gain elevated privileges on the system. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2024-23651...
Amazon Linux 2 : docker (ALASECS-2024-041)
The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-041 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read man...
SUSE SLES15 / openSUSE 15 Security Update : buildah, docker (SUSE-SU-2024:3120-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3120-1 advisory. Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) -...
Amazon Linux 2 : docker (ALASDOCKER-2024-044)
The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2024-044 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-045)
The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2024-045 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body ...
Important: docker
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
SUSE: Security Advisory (SUSE-SU-2024:2801-2)
The remote host is missing an update for the...
EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2024-2024)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache...