185 matches found
DEBIAN-CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
Design/Logic Flaw
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
UBUNTU-CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
SUSE SLED15 / SLES15 Security Update : conmon, libcontainers-common, libseccomp, podman (SUSE-SU-2022:23018-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:23018-1 advisory. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink...
SUSE CVE-2021-20199
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...
SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container inspect commands...
SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2023:0187-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0187-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container...
Oracle Linux 9 : podman (ELSA-2022-7954)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7954 advisory. 2:4.2.0-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-3 - fix dependency in test subpackage - Related:...
AlmaLinux 9 : podman (ALSA-2022:7954)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7954 advisory. - In x/text in Go 1.15.4, an index out of range panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. x/text/language is supposed ...
podman: Remote traffic to rootless containers is seen as orginating from localhost
A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1 including from remote hosts which impact containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. The highest threat from this...
SUSE: Security Advisory (SUSE-SU-2022:3312-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
fuse-overlayfs bug fix and enhancement update
An update is available for fuse-overlayfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fuse-overlayfs package provides an overlayfs FUSE implementation,...
Fedora: Security Advisory for golang-github-containerd-fuse-overlayfs-snapshotter (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-containerd-fuse-overlayfs-snapshotter (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-containerd-fuse-overlayfs-snapshotter-1.0.2-7.fc36
Fuse-overlayfs plugin for rootless containerd...
openSUSE 15 Security Update : conmon, libcontainers-common, libseccomp, podman (openSUSE-SU-2022:23018-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:23018-1 advisory. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API o...
SUSE-SU-2022:23018-1 Security update for conmon, libcontainers-common, libseccomp, podman
This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues: podman was updated to 3.4.4. Security issues fixed: - fix CVE-2021-41190 bsc1193273, opencontainers: OCI manifest and index parsing confusion - fix CVE-2021-4024 bsc1193166, podman machine spawns gvproxy...
[SECURITY] Fedora 34 Update: xpra-4.3.2-1.fc34
Xpra is "screen for X": it allows you to run X programs, usually on a remote host, direct their display to your local machine, and then to disconnect from these programs and reconnect from the same or another machine, without losing any state. It gives you remote access to individual applications...