Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2023:4625-1 Important: Containerd, Docker, Runc Security Fix

suse
Calendar Grey December 1, 2023
Dist Suse Esm H88
Important security fix for containerd, Docker, and runc addresses multiple vulnerabilities. Ensure your systems are updated.
* bsc#1170415 * bsc#1170446 * bsc#1178760 * bsc#1217513

Summary

## This update for containerd, docker, runc fixes the following issues: containerd: -Update to containerd v1.7.8. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.8 docker: * Update to Docker 24.0.7-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2407 (bsc#1217513) * Deny containers access to /sys/devices/virtual/powercap by default. * CVE-2020-8694 bsc#1170415 * CVE-2020-8695 bsc#1170446 * CVE-2020-12912 bsc#1178760 runc: * Update to runc v1.1.10. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.10 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory SUSE important fix docker runc containerd

References

* bsc#1170415

* bsc#1170446

* bsc#1178760

* bsc#1217513

Cross-

* CVE-2020-12912

* CVE-2020-8694

* CVE-2020-8695

CVSS scores:

* CVE-2020-12912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-12912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8694 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8695 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

* CVE-2020-8695 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Containers Module 12

* SUSE Linux Enterprise High Performance Computing 12 SP2

* SUSE Linux Enterprise High Performance Computing 12 SP3

* SUSE Linux Enterprise High Performance Computing 12 SP4

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4625-1
Rating: important

Topics%20covered

Topics Covered

security advisory SUSE important fix docker runc containerd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here