[SECURITY] Fedora 38 Update: podman-4.8.3-1.fc38

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Fedora: Security Advisory (FEDORA-2024-3bb23c77f3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: podman-4.8.3-1.fc39

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

[SECURITY] Fedora 39 Update: podman-4.7.2-1.fc39

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

[SECURITY] Fedora 38 Update: podman-4.7.2-1.fc38

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

USN-6446-2: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

Advisory ROSA-SA-2023-2227

software: buildah 1.30.0 AXIS: ROSA-CHROME packageevrstring: buildah-1.30.0-2.src.rpm CVE-ID: CVE-2022-27651 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There was a bug in the build that caused containers to incorrectly start with non-empty default permissions. A bug was discovered in Moby Docker...

cri-o: incorrect handling of the supplementary groups

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...

USN-6027-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Jiasheng Jiang discovered that the HSA...

[SECURITY] Fedora 38 Update: podman-4.4.4-3.fc38

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Fedora: Security Advisory for podman (FEDORA-2023-c40519168b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: podman-4.4.4-3.fc37

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

USN-5982-1: Linux kernel vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

USN-5917-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

[SECURITY] Fedora 36 Update: podman-4.4.1-3.fc36

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Fedora: Security Advisory for podman (FEDORA-2023-698b47d488)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: podman-4.4.1-3.fc37

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

cri-o: incorrect handling of the supplementary groups

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...

SUSE SLES15 Security Update : buildah (SUSE-SU-2022:4350-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4350-1 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building ...

Oracle Linux 9 : buildah (ELSA-2022-8008)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8008 advisory. - fix CVE-2022-2990 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...