Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE Linux Micro 6.0: 2025:20107-1 important: buildkit vulnerabilities

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
SUSE's latest release tackles vital concerns related to buildkit, enhancing both security and overall robustness.
* bsc#1219267 * bsc#1219268 * bsc#1219438 Cross-References:

Summary

## This update for buildkit fixes the following issues: * Update to version 0.12.5: * update runc to v1.1.12 * exec: add extra validation for submount sources (fixes CVE-2024-23651, bsc#1219267) * oci: fix error handling on submount calls * executor: recheck mount stub path within root after container run (fixes CVE-2024-23652, bsc#1219268) * llbsolver: make sure interactive container API validates entitlements (fixes CVE-2024-23653, bsc#1219438) * gateway: pass executor with build and not access worker directly * pb: add extra validation to protobuf types * sourcepolicy: add validations for nil values * exporter: add validation for platforms key value * exporter: add validation for invalid platorm * exporter: validate null config metadata from gateway * ci: disable push if not upstream repo

References

* bsc#1219267

* bsc#1219268

* bsc#1219438

Cross-

* CVE-2024-23651

* CVE-2024-23652

* CVE-2024-23653

CVSS scores:

* CVE-2024-23651 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-23651 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

* CVE-2024-23652 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

* CVE-2024-23652 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

* CVE-2024-23653 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-23653 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves three vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2024-23651.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20107-1
Release Date: 2025-02-03T09:18:58Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here