Oracle Linux 8 : container-tools (ELSA-2024-4246)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4246 advisory. aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to...

New “Snowblind” Android Malware Steals Logins, Bypasses Security Features

New Android Malware "Snowblind" bypasses security! It exploits Linux's seccomp to launch scalable attacks and steal your data. Download safely, update your device, and consider mobile security to stay protected...

RHEL 7 : kubernetes (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kubernetes: Privilege escalation in the PodSecurityPolicy admission plugin CVE-2017-1000056 - In Kubernet...

container-tools:4.0 security update

An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.fuse-overlayfs, runc, criu, module.toolbox, module.container-selinux,...

container-tools:rhel8 security and bug fix update

An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...

container-tools:4.0 security update

buildah 1.24.7-1 - bump to v1.24.7 - Resolves: RHEL-26767 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman python-podman runc 1.1.12-1.0.1 - rebuild with golang 1.20.12 for CVE-2023-39326 skopeo...

container-tools:ol8 security and bug fix update

aardvark-dns buildah 1:1.31.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.31 https://github.com/containers/buildah/commit/5fd539c - Resolves: RHEL-26772 1:1.31.3-3 - Make the module buildable again - Resolves: RHEL-16299 1:1.31.3-2 - Rebuild with golan...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

container-tools:rhel8 bug fix update

An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...

container-tools:4.0 security update

buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman 2:4.0.2-26 - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc 1:1.1.12-1.0.1 - rebuild with golang 1.20.12 for CVE-2023-3932...

container-tools:rhel8 security update

An update is available for libslirp, module.runc, module.libslirp, runc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The container-tools module contains tool...

SUSE-SU-2024:0441-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...

Privilege Escalation

github.com/openshift/apiserver-library-go is vulnerable to Privilege Escalation. The vulnerability is caused due to improper input validation within strategy.go. This could allow low-privileged users to set the seccomp profile for pods they control to unconfined...

kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option

A flaw was found in the Linux kernel. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag, possibly disabling seccomp...

container-tools:4.0 security update

buildah 1:1.24.6-7 - rebuild for CVE-2023-29406 - Related: 2176055 cockpit-podman 46-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46 - Related: 2061390 conmon 2:2.1.4-2 - update to https://github.com/containers/conmon/releases/tag/v2.1.4 - Related: 2176055...

Security Bulletin: CICS Transaction Gateway Containers are vulnerable to unwanted system calls such as unshare() (CVE-2022-0185).

Summary CICS Transaction Gateway Containers are vulnerable to CVE-2022-0185 if the SECCOMP profile is not configured so as to disable unwanted system calls such as unshare. Vulnerability Details CVEID:CVE-2022-0185 DESCRIPTION: Linux Kernel is vulnerable to a heap-based buffer overflow, caused by...

SUSE-SU-2023:4868-1 Security update for tracker-miners

This update for tracker-miners fixes the following issues: - CVE-2023-5557: Fixed a sandbox escape by adding seccomp rules and applying it to the whole process bsc1216199 - rebuild against current ICU 73...

tracker-miners security update

2.1.5-2.1 - Bump dist 2.1.5-2 - Backport stricter seccomp jail Resolves: RHEL-12466...

tracker-miners security update

3.1.2-4 - Backport stricter seccomp jail Resolves: RHEL-12469...

container-tools:rhel8 bug fix update

An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...