
SUSE: 2025:0267-1 important: podman security fixes for multiple issues

January 28, 2025

Summary

This update for podman fixes the following issues:

* CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library that can cause Denial of Service (DoS) (bsc#1231698)
* Load ip_tables and ip6_tables kernel module (bsc#1214612)
  * Required for rootless mode, as a regular user has no permission to load kernel modules
* CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499)
* CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208)
* CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
* CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)

References

* bsc#1214612

* bsc#1215807

* bsc#1215926

* bsc#1217828

* bsc#1221677

* bsc#1231208

* bsc#1231230

* bsc#1231499

* bsc#1231698

* bsc#1236270

Cross-

* CVE-2024-11218

* CVE-2024-1753

* CVE-2024-9341

* CVE-2024-9407

* CVE-2024-9675

* CVE-2024-9676

CVSS scores:

* CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Severity
important

Announcement ID: SUSE-SU-2025:0267-1
Release Date: 2025-01-28T11:25:31Z
Rating: important
