Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o security vulnerability (CVE-2024-8676)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability that may allow a malicious user to trick cri-o into restoring a pod that doesn't have CVE-2024-8676 Vulnerability Details CVEID: CVE-2024-8676 Description: A vulnerability was found in CRI-O, where it can be requested ...

cri-o: Checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

SUSE CVE-2024-8676

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

AZL-53540 CVE-2024-8676 affecting package cri-o 1.30.1-1

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...