SUSE-SU-2025:20080-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-202520080-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:20080-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:20080-1
- Upstream
- Related
- Published
- 2025-02-03T09:06:00Z
- Modified
- 2026-03-23T04:48:09.240770Z
- Summary
- Security update for podman
- Details
-
This update for podman fixes the following issues:
- CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library (bsc#1231698)
- CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
- CVE-2024-9675: Fixed caching of arbitrary directory mount (bsc#1231499)
- CVE-2024-9407: Fixed improper input validation in bind-propagation option of Dockerfile RUN --mount instruction (bsc#1231208)
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-202520080-1/
- https://bugzilla.suse.com/1231208
- https://bugzilla.suse.com/1231230
- https://bugzilla.suse.com/1231499
- https://bugzilla.suse.com/1231698
- https://www.suse.com/security/cve/CVE-2024-6104
- https://www.suse.com/security/cve/CVE-2024-9341
- https://www.suse.com/security/cve/CVE-2024-9407
- https://www.suse.com/security/cve/CVE-2024-9675
- https://www.suse.com/security/cve/CVE-2024-9676
Affected packages
SUSE:Linux Micro 6.0 / podman
Package
- Name
- podman
- Purl
- pkg:rpm/suse/podman&distro=SUSE%20Linux%20Micro%206.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.9.5-2.1