Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 152 articles for you...
89

Fedora 41: FEDORA-2025-ce164bcfee critical: podman TLS verification

Automatic update for podman-5.5.2-1.fc41. security fix for CVE-2025-6032 Changelog for podman * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ce164bcfee 2025-06-28 01:45:12.871352+00:00 -------------------------------------------------------------------------------- Name : podman Product : Fedora 41 Version : 5.5.2 Release : 1.fc41 URL : https://podman.io/ Summary : Manage Pods, Containers and Container Images Description : podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most podman commands can be run as a regular user, without requiring additional privileges. podman uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other. -------------------------------------------------------------------------------- Update Information: Automatic update for podman-5.5.2-1.fc41. security fix for CVE-2025-6032 Changelog for podman * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2374581 - CVE-2025-6032 podman: podman missing TLS verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374581 -------------------------------------------------------------------------------- This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2025-ce164bcfee' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Essential security patch for podman version 5.5.2 in Fedora 41 mitigating CVE-2025-6032. Steps for updating are provided.. Fedora Podman Update, TLS Verification Fix, Podman Container Engine. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 28, 2025 Critical Fedora
89

Fedora 42: FEDORA-2025-d6689393a3 critical: podman TLS verification

Automatic update for podman-5.5.2-1.fc42. security fix for CVE-2025-6032 Changelog for podman * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d6689393a3 2025-06-27 01:19:29.251112+00:00 -------------------------------------------------------------------------------- Name : podman Product : Fedora 42 Version : 5.5.2 Release : 1.fc42 URL : https://podman.io/ Summary : Manage Pods, Containers and Container Images Description : podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most podman commands can be run as a regular user, without requiring additional privileges. podman uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other. -------------------------------------------------------------------------------- Update Information: Automatic update for podman-5.5.2-1.fc42. security fix for CVE-2025-6032 Changelog for podman * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 24 2025 Packit - 5:5.5.2-1 - Update to 5.5.2 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2374581 - CVE-2025-6032 podman: podman missing TLS verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374581 -------------------------------------------------------------------------------- This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2025-d6689393a3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Urgent security patch available for podman on Fedora 42 addressing TLS inspection vulnerability. Prompt installation is advised.. podman update, Fedora 42 advisory, security fix, container engine, TLS verification. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 27, 2025 Critical Fedora
217

Oracle Linux 9 ELSA-2025-9144 moderate: podman update for containers

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-9144 http://linux.oracle.com/errata/ELSA-2025-9144.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: podman-5.4.0-10.0.1.el9_6.x86_64.rpm podman-docker-5.4.0-10.0.1.el9_6.noarch.rpm podman-plugins-5.4.0-10.0.1.el9_6.x86_64.rpm podman-remote-5.4.0-10.0.1.el9_6.x86_64.rpm podman-tests-5.4.0-10.0.1.el9_6.x86_64.rpm aarch64: podman-5.4.0-10.0.1.el9_6.aarch64.rpm podman-docker-5.4.0-10.0.1.el9_6.noarch.rpm podman-plugins-5.4.0-10.0.1.el9_6.aarch64.rpm podman-remote-5.4.0-10.0.1.el9_6.aarch64.rpm podman-tests-5.4.0-10.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//podman-5.4.0-10.0.1.el9_6.src.rpm Related CVEs: CVE-2025-22871 Description of changes: [5.4.0-10.0.1] - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404] [5:5.4.0-10] - rebuild to fix CVE-2025-22871 podman: Request smuggling due to acceptance of invalid chunked data in net/http - Resolves: RHEL-90055 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 podman enhancement tackles a significant security vulnerability with essential patches. Maintain your safety!. Oracle Linux, podman, security advisory, updates, container issues. . LinuxSecurity.com Team

Calendar%202 Jun 18, 2025 Oracle
100

SUSE Linux Micro 6.0: 2025:20013-1 moderate: podman dependency issue

* bsc#1227052 Cross-References: * CVE-2024-1753 * CVE-2024-24786 . # Security update for podman Announcement ID: SUSE-SU-2025:20013-1 Release Date: 2025-02-03T08:48:39Z Rating: moderate References: * bsc#1227052 Cross-References: * CVE-2024-1753 * CVE-2024-24786 * CVE-2024-3727 * CVE-2024-6104 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-3727 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file (bsc#1227052). * Update to version 4.9.5: * Bump to v4.9.5 * Update release notes for v4.9.5 * fix "concurrent map writes" in network ls compat endpoint * [v4.9] Fix for CVE-2024-3727 * Disable failing bud test * CI Maintenance: Disable machine tests * [CI:DOCS] Allow downgrade of WiX * [CI:DOCS] Force WiX 3.11 * [CI:DOCS] Fix windows installer action * Bump to v4.9.5-dev * Bump to v4.9.4 * Update release notes for v4.9.4 * [v4.9] Bump Buildah to v1.33.7, CVE-2024-1753, CVE-2024-24786 * Add farm command to commands list * Bump to FreeBSD 13.3 (13.2 vanished) * Update health-start-periods docs * Don't update health check status during initialDelaySeconds * image scp: don't require port for ssh URL * Ignore docker's end pointconfig when the final network mode isn't bridge. * Fix running container from docker client with rootful in rootless podman. * [skip-ci] Packit: remove koji and bodhi tasks for v4.9 * Bump to v4.9.4-dev * Remove gitleaks scanning ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-46=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-1.1 * podman-remote-4.9.5-1.1 * podman-remote-debuginfo-4.9.5-1.1 * podman-4.9.5-1.1 * SUSE Linux Micro 6.0 (noarch) * podman-docker-4.9.5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1227052 . Podman receives a notable security enhancement addressing four vulnerabilities, one of which pertains to the exposure of confidential log data.. Podman Security Update, SUSE Linux Update, Dependency Issue. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro 6.0: 2025:20013-1 moderate: podman security fixes

* bsc#1227052 Cross-References: * CVE-2024-1753 * CVE-2024-24786 . # Security update for podman Announcement ID: SUSE-SU-2025:20013-1 Release Date: 2025-02-03T08:48:39Z Rating: moderate References: * bsc#1227052 Cross-References: * CVE-2024-1753 * CVE-2024-24786 * CVE-2024-3727 * CVE-2024-6104 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-3727 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file (bsc#1227052). * Update to version 4.9.5: * Bump to v4.9.5 * Update release notes for v4.9.5 * fix "concurrent map writes" in network ls compat endpoint * [v4.9] Fix for CVE-2024-3727 * Disable failing bud test * CI Maintenance: Disable machine tests * [CI:DOCS] Allow downgrade of WiX * [CI:DOCS] Force WiX 3.11 * [CI:DOCS] Fix windows installer action * Bump to v4.9.5-dev * Bump to v4.9.4 * Update release notes for v4.9.4 * [v4.9] Bump Buildah to v1.33.7, CVE-2024-1753, CVE-2024-24786 * Add farm command to commands list * Bump to FreeBSD 13.3 (13.2 vanished) * Update health-start-periods docs * Don't update health check status during initialDelaySeconds * image scp: don't require port for ssh URL * Ignore docker's end pointconfig when the final network mode isn't bridge. * Fix running container from docker client with rootful in rootless podman. * [skip-ci] Packit: remove koji and bodhi tasks for v4.9 * Bump to v4.9.4-dev * Remove gitleaks scanning ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-46=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-1.1 * podman-remote-debuginfo-4.9.5-1.1 * podman-remote-4.9.5-1.1 * podman-4.9.5-1.1 * SUSE Linux Micro 6.0 (noarch) * podman-docker-4.9.5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1227052 . Important security patch for Podman resolves several weaknesses in SUSE Linux Micro 6.0. Ensure your system is updated immediately!. SUSE Linux, podman update, security patch, CVE risks, moderate severity. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro: 2025:20080-1 moderate: podman multiple fixes

* bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 . # Security update for podman Announcement ID: SUSE-SU-2025:20080-1 Release Date: 2025-02-03T09:06:01Z Rating: moderate References: * bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 Cross-References: * CVE-2024-6104 * CVE-2024-9341 * CVE-2024-9407 * CVE-2024-9675 * CVE-2024-9676 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-9676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library (bsc#1231698) *CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * CVE-2024-9675: Fixed caching of arbitrary directory mount (bsc#1231499) * CVE-2024-9407: Fixed improper input validation in bind-propagation option of Dockerfile RUN --mount instruction (bsc#1231208) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-95=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * podman-4.9.5-2.1 * podman-debuginfo-4.9.5-2.1 * podman-remote-debuginfo-4.9.5-2.1 * podman-remote-4.9.5-2.1 * SUSE Linux Micro 6.0 (noarch) * podman-docker-4.9.5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://www.suse.com/security/cve/CVE-2024-9676.html * https://bugzilla.suse.com/show_bug.cgi?id=1231208 * https://bugzilla.suse.com/show_bug.cgi?id=1231230 * https://bugzilla.suse.com/show_bug.cgi?id=1231499 * https://bugzilla.suse.com/show_bug.cgi?id=1231698 . Significant podman upgrade for SUSE Linux Micro 6.0 tackles multiple concerns including service disruption and input sanitation vulnerabilities. podman security advisory, SUSE Linux update, denial of service patch, Linux container security, input validation issues. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro: 2025:20143-1 important: podman security fixes

* bsc#1227052 * bsc#1236270 * bsc#1236507 * bsc#1237641 . # Security update for podman Announcement ID: SUSE-SU-2025:20143-1 Release Date: 2025-03-12T10:32:11Z Rating: important References: * bsc#1227052 * bsc#1236270 * bsc#1236507 * bsc#1237641 Cross-References: * CVE-2023-45288 * CVE-2024-11218 * CVE-2024-6104 * CVE-2024-9407 * CVE-2025-27144 CVSS scores: * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go- jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service(bsc#1237641): * CVE-2024-11218: Fixed github.com/containers/buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270): * CVE-2023-45288: Fixed golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236507): * CVE-2024-6104: Fixed hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227052): ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-238=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-3.1 * podman-4.9.5-3.1 * podman-remote-4.9.5-3.1 * podman-debuginfo-4.9.5-3.1 * SUSE Linux Micro 6.0 (noarch) * podman-docker-4.9.5-3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-11218.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1227052 * https://bugzilla.suse.com/show_bug.cgi?id=1236270 * https://bugzilla.suse.com/show_bug.cgi?id=1236507 * https://bugzilla.suse.com/show_bug.cgi?id=1237641 . An essential notice for SUSE Linux Micro concerning various security updates for podman has been issued, particularly highlighting vulnerabilities related to Denial of Service attacks.. SUSE Linux, Podman Update, Security Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE: 2025:20080-1 moderate security update for podman software

* bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 . # Security update for podman Announcement ID: SUSE-SU-2025:20080-1 Release Date: 2025-02-03T09:06:01Z Rating: moderate References: * bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 Cross-References: * CVE-2024-6104 * CVE-2024-9341 * CVE-2024-9407 * CVE-2024-9675 * CVE-2024-9676 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-9676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library (bsc#1231698) *CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * CVE-2024-9675: Fixed caching of arbitrary directory mount (bsc#1231499) * CVE-2024-9407: Fixed improper input validation in bind-propagation option of Dockerfile RUN --mount instruction (bsc#1231208) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-95=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * podman-remote-4.9.5-2.1 * podman-4.9.5-2.1 * podman-debuginfo-4.9.5-2.1 * podman-remote-debuginfo-4.9.5-2.1 * SUSE Linux Micro 6.0 (noarch) * podman-docker-4.9.5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://www.suse.com/security/cve/CVE-2024-9676.html * https://bugzilla.suse.com/show_bug.cgi?id=1231208 * https://bugzilla.suse.com/show_bug.cgi?id=1231230 * https://bugzilla.suse.com/show_bug.cgi?id=1231499 * https://bugzilla.suse.com/show_bug.cgi?id=1231698 . This notice provides details regarding a patch for the SUSE podman application, underscoring vulnerabilities of moderate severity and their respective resolutions.. SUSE Podman Update, Security Fixes, Denial of Service, FIPS Compliance. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200