RLSA-2024:0121

See a problem?
Please try reporting it to the source first.
Source
https://errata.rockylinux.org/RLSA-2024:0121
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2024:0121.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2024:0121
Published
2025-05-07T19:11:47.341314Z
Modified
2025-05-07T19:38:05.170896Z
Upstream
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
Moderate: container-tools:4.0 security update
Details

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)

  • golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)

  • golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)

  • golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)

  • golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)

  • golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)

  • golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)

  • golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)

  • golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / buildah

Package

Name
buildah
Purl
pkg:rpm/rocky-linux/buildah?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.24.6-7.module+el8.9.0+1445+07728297

Rocky Linux:8 / cockpit-podman

Package

Name
cockpit-podman
Purl
pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:46-1.module+el8.9.0+1445+07728297

Rocky Linux:8 / conmon

Package

Name
conmon
Purl
pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:2.1.4-2.module+el8.9.0+1445+07728297

Rocky Linux:8 / containers-common

Package

Name
containers-common
Purl
pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1-38.module+el8.9.0+1445+07728297

Rocky Linux:8 / container-selinux

Package

Name
container-selinux
Purl
pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:2.205.0-3.module+el8.9.0+1445+07728297

Rocky Linux:8 / criu

Package

Name
criu
Purl
pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.15-3.module+el8.9.0+1445+07728297

Rocky Linux:8 / fuse-overlayfs

Package

Name
fuse-overlayfs
Purl
pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.9-2.module+el8.9.0+1445+07728297

Rocky Linux:8 / libslirp

Package

Name
libslirp
Purl
pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.4.0-1.module+el8.9.0+1445+07728297

Rocky Linux:8 / oci-seccomp-bpf-hook

Package

Name
oci-seccomp-bpf-hook
Purl
pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.2.5-2.module+el8.9.0+1445+07728297

Rocky Linux:8 / python-podman

Package

Name
python-podman
Purl
pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.0.0-2.module+el8.9.0+1445+07728297

Rocky Linux:8 / runc

Package

Name
runc
Purl
pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.1.5-2.module+el8.9.0+1445+07728297

Rocky Linux:8 / skopeo

Package

Name
skopeo
Purl
pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.6.2-9.module+el8.9.0+1578+aa900b44

Rocky Linux:8 / slirp4netns

Package

Name
slirp4netns
Purl
pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.1.8-3.module+el8.9.0+1445+07728297

Rocky Linux:8 / udica

Package

Name
udica
Purl
pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.2.6-4.module+el8.9.0+1445+07728297