2671 matches found

Redos
added 2024/07/13 12:0 a.m., 20 views

ROS-20240711-02

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

CVSS 8.3 | AI score 6.4 | EPSS 0.01279
Exploits: 0

OSV
added 2024/07/11 8:8 p.m., 35 views

USN-6894-1 apport vulnerabilities

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...

CVSS 7.8 | AI score 7 | EPSS 0.00384
Exploits: 0 | References: 9

Tenable Nessus
added 2024/07/11 12:0 a.m., 26 views

CBL Mariner 2.0 Security Update: containerized-data-importer / cri-o / ig / libcontainers-common / skopeo (CVE-2024-3727)

The version of containerized-data-importer / cri-o / ig / libcontainers-common / skopeo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3727 advisory. - A flaw was found in the...

CVSS 8.3 | AI score 6.8 | EPSS 0.01279
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/10 12:0 a.m., 26 views

GLSA-202407-25 : Buildah: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-25 Buildah: Multiple Vulnerabilities Please review the referenced CVE identifiers for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not...

CVSS 10 | AI score 7.4 | EPSS 0.02983
Exploits: 0 | References: 9

OSV
added 2024/07/09 5:15 p.m., 4 views

CVE-2024-5652

In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode...

CVSS 5.5 | AI score 5.8 | EPSS 0.00374
Exploits: 0 | References: 1

RedHat Linux
added 2024/07/09 12:56 p.m., 20 views

Moderate: Red Hat Security Advisory: containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

CVSS 7.5 | AI score 6.7 | EPSS 0.0125
Exploits: 0 | References: 2

RedHat Linux
added 2024/07/09 8:57 a.m., 3 views

kernel: Reserved fields in guest message responses may not be zero initialized

A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory...

CVSS 6 | AI score 6.7 | EPSS 0.00309
Exploits: 0 | References: 5

Tenable Nessus
added 2024/07/09 12:0 a.m., 18 views

SUSE SLES15 / openSUSE 15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (SUSE-SU-2024:2318-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2318-1 advisory. - Collect component Role rules under operator Role instead of ClusterRole bsc1223965, CVE-2024-33394 - Ensure procps is...

CVSS 5.9 | AI score 6 | EPSS 0.00324
Exploits: 0 | References: 4

Gentoo Linux
added 2024/07/05 12:0 a.m., 32 views

podman: Multiple Vulnerabilities

Background Podman is a tool for managing OCI containers and pods with a Docker-compatible CLI. Description Please review the referenced CVE identifiers for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution Al...

CVSS 10 | AI score 6.4 | EPSS 0.94072
Exploits: 6

RedHat Linux
added 2024/07/03 11:45 a.m., 2 views

containers/image: digest type does not guarantee valid type

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

CVSS 8.3 | AI score 7.2 | EPSS 0.01279
Exploits: 0 | References: 4

Tenable Nessus
added 2024/07/03 12:0 a.m., 24 views

CBL Mariner 2.0 Security Update: kata-containers-cc / hvloader / kata-containers / nodejs18 (CVE-2023-4807)

The version of kata-containers-cc / hvloader / kata-containers / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4807 advisory. - Issue summary: The POLY1305 MAC message authentication co...

CVSS 7.8 | AI score 6.9 | EPSS 0.00862
Exploits: 0 | References: 2

Oracle linux
added 2024/07/03 12:0 a.m., 54 views

container-tools security update

aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...

CVSS 7.5 | AI score 7.2 | EPSS 0.01262
Exploits: 0

Tenable Nessus
added 2024/07/03 12:0 a.m., 23 views

CBL Mariner 2.0 Security Update: kata-containers / kata-containers-cc / rpm-ostree (CVE-2024-27308)

The version of kata-containers / kata-containers-cc / rpm-ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27308 advisory. - Mio is a Metal I/O library for Rust. When using named pipes on...

CVSS 9.1 | AI score 7.2 | EPSS 0.00889
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m., 36 views

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs (CVE-2023-5678)

The version of cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5678 advisory. - Issue summary: Generating...

CVSS 5.3 | AI score 6.5 | EPSS 0.04459
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m., 17 views

CBL Mariner 2.0 Security Update: rust / netavark / kata-containers / rpm-ostree (CVE-2023-22466)

The version of rust / netavark / kata-containers / rpm-ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22466 advisory. - Tokio is a runtime for writing applications with Rust. Starting with...

CVSS 5.4 | AI score 5.8 | EPSS 0.00564
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m., 16 views

CBL Mariner 2.0 Security Update: kata-containers (CVE-2023-41051)

The version of kata-containers installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-41051 advisory. - In a typical Virtual Machine Monitor VMM there are several components, such as boot loader, virtual...

CVSS 4.7 | AI score 5.1 | EPSS 0.00237
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m., 19 views

CBL Mariner 2.0 Security Update: kata-containers / rpm-ostree (CVE-2023-26964)

The version of kata-containers / rpm-ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-26964 advisory. - An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2...

CVSS 7.5 | AI score 7.6 | EPSS 0.01111
Exploits: 1 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m., 16 views

Oracle Linux 8 : container-tools (ELSA-2024-4246)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4246 advisory. aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to...

CVSS 7.5 | AI score 7 | EPSS 0.01262
Exploits: 0 | References: 2

BDU FSTEC
added 2024/07/02 12:0 a.m., 4 views

The vulnerability of the lxc-user-nic component of the LXC virtualization system, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the lxc-user-nic component in the LXC virtualization system is related to the exposure of information through incompatibility. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 3.3 | AI score 5.2 | EPSS 0.00702
Exploits: 0 | References: 8 | Affected Software: 3

Microsoft CVE
added 2024/06/30 7:0 a.m., 3 views

CVE-2024-3727

...

CVSS 8.3 | AI score 6.4 | EPSS 0.01279
Exploits: 0