SUSE: 2023:4936-1 Important: Docker Rootlesskit Critical Issues

suse

December 20, 2023

* bsc#1170415 * bsc#1170446 * bsc#1178760 * bsc#1210141 * bsc#1213229

Summary

## This update for docker, rootlesskit fixes the following issues: docker: * Update to Docker 24.0.7-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2407>. bsc#1217513 * Deny containers access to /sys/devices/virtual/powercap by default. * CVE-2020-8694 bsc#1170415 * CVE-2020-8695 bsc#1170446 * CVE-2020-12912 bsc#1178760 * Update to Docker 24.0.6-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2406. bsc#1215323 * Add a docker.socket unit file, but with socket activation effectively disabled to ensure that Docker will always run even if you start the socket individually. Users should probably just ignore this unit file. bsc#1210141 * Update to Docker 24.0.5-ce. See upstream changelong online at

Topics Covered

security advisory important SUSE security issues docker rootlesskit

References

* bsc#1170415

* bsc#1170446

* bsc#1178760

* bsc#1210141

* bsc#1213229

* bsc#1213500

* bsc#1215323

* bsc#1217513

* jsc#PED-6180

Cross-

* CVE-2020-12912

* CVE-2020-8694

* CVE-2020-8695

CVSS scores:

* CVE-2020-12912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-12912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8694 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2020-8695 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

* CVE-2020-8695 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Containers Module 15-SP4

* Containers Module 15-SP5

* openSUSE Leap 15.4

* openSUSE Leap 15.5

* openSUSE Leap Micro 5.3

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2023:4936-1

Rating: important

Topics Covered

security advisory important SUSE security issues docker rootlesskit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2023:4936-1 Important: Docker Rootlesskit Critical Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2023:4936-1 Important: Docker Rootlesskit Critical Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!