## This update for podman fixes the following issues: * CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698) * Load ip_tables and ip6_tables kernel module (bsc#1214612) * Required for rootless mode as a regular user has no permission to load kernel modules * CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499) * CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208) * CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)
* bsc#1214612
* bsc#1215807
* bsc#1215926
* bsc#1217828
* bsc#1221677
* bsc#1231208
* bsc#1231230
* bsc#1231499
* bsc#1231698
* bsc#1236270
Cross-
* CVE-2024-11218
* CVE-2024-1753
* CVE-2024-9341
* CVE-2024-9407
* CVE-2024-9675
* CVE-2024-9676
CVSS scores:
* CVE-2024-11218 ( SUSE ): 8.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-9341 ( SUSE ): 5.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Get the latest Linux and open source security news straight to your inbox.