2120 matches found
SUSE-SU-2021:1954-1 Security update for containerd, docker, runc
This update for containerd, docker, runc fixes the following issues: Docker was updated to 20.10.6-ce bsc1184768, bsc1182947, bsc1181594 Switch version to use -ce suffix rather than ce to avoid confusing other tools bsc1182476. CVE-2021-21284: Fixed a potential privilege escalation when the root...
runc security update
1.0.0-1.rc95 - Addresses CVE-2021-30465...
runc security update
1.0.0-1.rc95 - Addresses CVE-2021-30465...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
Important: Red Hat Security Advisory: container-tools:3.0 security update
An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: container-tools:rhel8 security update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
RLSA-2021:2371 Important: container-tools:rhel8 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: container-tools:rhel8 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: container-tools:3.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
ALSA-2021:2370 Important: container-tools:3.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2021:2370 Important: container-tools:3.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Oracle Linux 7 : runc (ELSA-2021-9298)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-9298 advisory. 1.0.0-1.rc95 - Addresses CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
Oracle Linux 8 : container-tools:2.0 (ELSA-2021-2291)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2291 advisory. - fix CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
SUSE SLES12 Security Update : runc (SUSE-SU-2021:1885-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:1885-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to crea...
container-tools:2.0 security update
runc 1.0.0-65.rc10 - fix CVE-2021-30465 - Resolves: 1955650...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.452 bug fix and security update
Red Hat OpenShift Container Platform release 3.11.452 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a...
SUSE: Security Advisory (SUSE-SU-2019:2787-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1664-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1657-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...