RLSA-2021:2371

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2021:2371.json

Related

CVE-2021-30465

Published

2021-06-10T07:45:39Z

Modified

2023-02-02T13:24:38.105545Z

Details

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

runc: vulnerable to symlink exchange attack (CVE-2021-30465)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

Rocky Linux:8 / buildah

Package

Name: buildah

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.19.7-2.module+el8.4.0+556+40122d08

Rocky Linux:8 / cockpit-podman

Package

Name: cockpit-podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:29-2.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / cockpit-podman

Package

Name: cockpit-podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:29-2.module+el8.4.0+556+40122d08

Rocky Linux:8 / cockpit-podman

Package

Name: cockpit-podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:29-2.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / cockpit-podman

Package

Name: cockpit-podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:29-2.module+el8.6.0+783+10209741

Rocky Linux:8 / conmon

Package

Name: conmon

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:2.0.26-3.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / conmon

Package

Name: conmon

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:2.0.26-3.module+el8.4.0+556+40122d08

Rocky Linux:8 / containernetworking-plugins

Package

Name: containernetworking-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.9.1-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / containernetworking-plugins

Package

Name: containernetworking-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.9.1-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / containernetworking-plugins

Package

Name: containernetworking-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.9.1-1.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / containernetworking-plugins

Package

Name: containernetworking-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.9.1-1.module+el8.6.0+783+10209741

Rocky Linux:8 / container-selinux

Package

Name: container-selinux

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:2.162.0-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / criu

Package

Name: criu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.15-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / criu

Package

Name: criu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.15-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / criu

Package

Name: criu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.15-1.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / criu

Package

Name: criu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.15-1.module+el8.6.0+783+10209741

Rocky Linux:8 / crun

Package

Name: crun

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.18-2.module+el8.4.0+556+40122d08

Rocky Linux:8 / crun

Package

Name: crun

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.18-2.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / fuse-overlayfs

Package

Name: fuse-overlayfs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.4.0-3.module+el8.4.0+556+40122d08

Rocky Linux:8 / libslirp

Package

Name: libslirp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.3.1-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / libslirp

Package

Name: libslirp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.3.1-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / libslirp

Package

Name: libslirp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.3.1-1.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / libslirp

Package

Name: libslirp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.3.1-1.module+el8.6.0+783+10209741

Rocky Linux:8 / oci-seccomp-bpf-hook

Package

Name: oci-seccomp-bpf-hook

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.2.0-2.module+el8.4.0+556+40122d08

Rocky Linux:8 / podman

Package

Name: podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.0.1-7.module+el8.4.0+556+40122d08

Rocky Linux:8 / podman

Package

Name: podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.0.1-7.module+el8.5.0+734+8397cf81

Rocky Linux:8 / runc

Package

Name: runc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.0.0-73.rc93.module+el8.4.0+556+40122d08

Rocky Linux:8 / skopeo

Package

Name: skopeo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

1:1.2.2-10.module+el8.4.0+556+40122d08

Rocky Linux:8 / skopeo

Package

Name: skopeo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

1:1.2.2-10.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / slirp4netns

Package

Name: slirp4netns

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.1.8-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / slirp4netns

Package

Name: slirp4netns

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.1.8-1.module+el8.4.0+537+38cf4e42

Rocky Linux:8 / slirp4netns

Package

Name: slirp4netns

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.1.8-1.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / slirp4netns

Package

Name: slirp4netns

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.1.8-1.module+el8.6.0+783+10209741

Rocky Linux:8 / toolbox

Package

Name: toolbox

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.0.8-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / udica

Package

Name: udica

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.2.4-1.module+el8.7.0+1076+9b1c11c1

Rocky Linux:8 / udica

Package

Name: udica

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.2.4-1.module+el8.4.0+556+40122d08

Rocky Linux:8 / udica

Package

Name: udica

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.2.4-1.module+el8.5.0+709+440d5e7e

Rocky Linux:8 / udica

Package

Name: udica

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.2.4-1.module+el8.6.0+783+10209741