MiracleLinux 8 : container-tools:rhel8 (AXSA:2021-2808:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2808:01 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image...

MiracleLinux 9 : podman-4.9.4-16.el9_4 (AXSA:2024-8979:10)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8979:10 advisory. Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction CVE-2024-9407 buildah: Buildah allows...

AlmaLinux 10 : buildah (ALSA-2025:22012)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22012 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 golang: archive/tar: Unbounded...

RockyLinux 10 : buildah (RLSA-2025:22012)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22012 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 golang: archive/tar: Unbounded...

SUSE SLES15 Security Update : buildah (SUSE-SU-2025:4074-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4074-1 advisory. - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096 Other fixes: -...

Linux Distros Unpatched Vulnerability : CVE-2024-9675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a R...

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile CVE-2024-11218 For more details about the security...

CVE-2024-11218 Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

RHEL 8 : container-tools:rhel8 (RHSA-2024:8703)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8703 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Buildah...

RHEL 9 : podman (RHSA-2024:8709)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8709 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...