Fedora: Security Advisory (FEDORA-2025-a8059b12d3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : cri-o1.34 (2025-a8059b12d3)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a8059b12d3 advisory. Update to release v1.34.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

[SECURITY] Fedora 41 Update: cri-o1.33-1.33.5-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

Fedora 41 : cri-o1.34 (2025-4f3ebd73fa)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4f3ebd73fa advisory. - Update to release v1.34.1 - Resolves: rhbz2333357, rhbz2398409, rhbz2398664, rhbz2399066, rhbz2399340 - Upstream fixes Tenable has extracted the...

AZL-57289 CVE-2025-22869 affecting package cri-o 1.30.1-1

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

AZL-48525 CVE-2024-45310 affecting package cri-o 1.30.1-1

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

CVE-2022-3466

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10....

Design/Logic Flaw

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10....

Security fix for the ALT Linux 10 package cri-o version 1.26.2-alt1

1.26.2-alt1 built March 29, 2023 Alexander Stepchenko in task 317575 March 27, 2023 Alexander Stepchenko - 1.26.2 - Fixes: CVE-2022-2995, CVE-2022-27652, CVE-2022-4318...

CVE-2022-3466

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10....

Security fix for the ALT Linux 10 package cri-o version 1.22.3-alt2

1.22.3-alt2 built March 24, 2022 Mikhail Gordeev in task 296969 March 21, 2022 Mikhail Gordeev - Add cve fix to changelog - Fixes: CVE-2022-0811...