SUSE: 2024:3324-1 Low Severity: runc File Creation Risk
suse
September 19, 2024
* bsc#1230092 Cross-References: * CVE-2024-45310
Summary
## This update for runc fixes the following issues: * Update to runc v1.1.14 * CVE-2024-45310: Fixed an issue where runc can be tricked into creating empty files/directories on host. (bsc#1230092) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-3324=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * runc-debuginfo-1.1.14-16.55.1 * runc-1.1.14-16.55.1
Topics Covered
References
* bsc#1230092
Cross-
* CVE-2024-45310
CVSS scores:
* CVE-2024-45310 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Affected Products:
* Containers Module 12
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2024:3324-1
Rating: low
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!