RLSA-2024:0748
- Source
- https://errata.rockylinux.org/RLSA-2024:0748
- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2024:0748.json
- JSON Data
- https://api.osv.dev/v1/vulns/RLSA-2024:0748
- Published
- 2025-05-07T19:11:47.341314Z
- Modified
- 2025-05-07T19:38:06.038380Z
- Upstream
- Severity
-
- 8.6 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- Important: container-tools:4.0 security update
- Details
-
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- runc: file descriptor leak ("Leaky Vessels") (CVE-2024-21626)
A Rocky Enterprise Software Foundation Security Bulletin which addresses further details about the Leaky Vessels flaw is available in the References section.
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / buildah
Package
- Name
- buildah
- Purl
- pkg:rpm/rocky-linux/buildah?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / cockpit-podman
Package
- Name
- cockpit-podman
- Purl
- pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / conmon
Package
- Name
- conmon
- Purl
- pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / containers-common
Package
- Name
- containers-common
- Purl
- pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / container-selinux
Package
- Name
- container-selinux
- Purl
- pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / criu
Package
- Name
- criu
- Purl
- pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / fuse-overlayfs
Package
- Name
- fuse-overlayfs
- Purl
- pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / libslirp
Package
- Name
- libslirp
- Purl
- pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / oci-seccomp-bpf-hook
Package
- Name
- oci-seccomp-bpf-hook
- Purl
- pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / python-podman
Package
- Name
- python-podman
- Purl
- pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / runc
Package
- Name
- runc
- Purl
- pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / runc
Package
- Name
- runc
- Purl
- pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1
Rocky Linux:8 / skopeo
Package
- Name
- skopeo
- Purl
- pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2
Rocky Linux:8 / slirp4netns
Package
- Name
- slirp4netns
- Purl
- pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / udica
Package
- Name
- udica
- Purl
- pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0