Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-5736 (GCVE-0-2019-5736)
Vulnerability from cvelistv5 – Published: 2019-02-11 00:00 – Updated: 2024-08-04 20:01
VLAI
EPSS
Summary
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
66 references
Date Public
2019-02-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:52.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d"
},
{
"name": "RHSA-2019:0408",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0408"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rancher/runc-cve"
},
{
"name": "RHSA-2019:0401",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0401"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/docker/docker-ce/releases/tag/v18.09.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_06"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190307-0008/"
},
{
"name": "RHSA-2019:0303",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0303"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/q3k/cve-2019-5736-poc"
},
{
"name": "46359",
"tags": [
"exploit",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46359/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2019-002/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/02/11/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2019-5736"
},
{
"name": "46369",
"tags": [
"exploit",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46369/"
},
{
"name": "RHSA-2019:0304",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0304"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Frichetten/CVE-2019-5736-PoC"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03913en_us"
},
{
"tags": [
"x_transferred"
],
"url": "https://brauner.github.io/2019/02/12/privileged-containers.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc"
},
{
"name": "106976",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106976"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/runcescape"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1121967"
},
{
"name": "[mesos-dev] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E"
},
{
"name": "[mesos-user] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E"
},
{
"name": "[oss-security] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/23/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003"
},
{
"name": "openSUSE-SU-2019:1079",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html"
},
{
"name": "openSUSE-SU-2019:1227",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html"
},
{
"name": "openSUSE-SU-2019:1275",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html"
},
{
"name": "FEDORA-2019-bc70b381ad",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/"
},
{
"name": "FEDORA-2019-6174b47003",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/"
},
{
"tags": [
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944"
},
{
"name": "RHSA-2019:0975",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0975"
},
{
"tags": [
"x_transferred"
],
"url": "https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/"
},
{
"tags": [
"x_transferred"
],
"url": "https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/"
},
{
"name": "[dlab-dev] 20190524 [jira] [Created] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "[dlab-dev] 20190524 [jira] [Updated] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "openSUSE-SU-2019:1444",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html"
},
{
"name": "openSUSE-SU-2019:1481",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
},
{
"name": "openSUSE-SU-2019:1499",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html"
},
{
"name": "openSUSE-SU-2019:1506",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "USN-4048-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4048-1/"
},
{
"name": "openSUSE-SU-2019:2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
},
{
"name": "FEDORA-2019-2baa1f7b19",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/"
},
{
"name": "FEDORA-2019-c1dac1b3b8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/"
},
{
"name": "[dlab-dev] 20190923 [jira] [Assigned] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "openSUSE-SU-2019:2245",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html"
},
{
"name": "openSUSE-SU-2019:2286",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"name": "GLSA-202003-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-21"
},
{
"name": "[dlab-dev] 20200525 [jira] [Deleted] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html"
},
{
"name": "[oss-security] 20240201 runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/31/6"
},
{
"name": "[oss-security] 20240201 Re: runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/01/1"
},
{
"name": "[oss-security] 20240202 Re: Re: runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/02/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T12:06:25.591Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d"
},
{
"name": "RHSA-2019:0408",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0408"
},
{
"url": "https://github.com/rancher/runc-cve"
},
{
"name": "RHSA-2019:0401",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0401"
},
{
"url": "https://github.com/docker/docker-ce/releases/tag/v18.09.2"
},
{
"url": "https://www.synology.com/security/advisory/Synology_SA_19_06"
},
{
"url": "https://security.netapp.com/advisory/ntap-20190307-0008/"
},
{
"name": "RHSA-2019:0303",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0303"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"
},
{
"url": "https://github.com/q3k/cve-2019-5736-poc"
},
{
"name": "46359",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46359/"
},
{
"url": "https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2019-002/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2019/02/11/2"
},
{
"url": "https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/"
},
{
"url": "https://access.redhat.com/security/cve/cve-2019-5736"
},
{
"name": "46369",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46369/"
},
{
"name": "RHSA-2019:0304",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0304"
},
{
"url": "https://github.com/Frichetten/CVE-2019-5736-PoC"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03913en_us"
},
{
"url": "https://brauner.github.io/2019/02/12/privileged-containers.html"
},
{
"url": "https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/"
},
{
"url": "https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc"
},
{
"name": "106976",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/106976"
},
{
"url": "https://access.redhat.com/security/vulnerabilities/runcescape"
},
{
"url": "https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1121967"
},
{
"name": "[mesos-dev] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E"
},
{
"name": "[mesos-user] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E"
},
{
"name": "[oss-security] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/23/1"
},
{
"url": "https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003"
},
{
"name": "openSUSE-SU-2019:1079",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html"
},
{
"name": "openSUSE-SU-2019:1227",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html"
},
{
"name": "openSUSE-SU-2019:1275",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html"
},
{
"name": "FEDORA-2019-bc70b381ad",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/"
},
{
"name": "FEDORA-2019-6174b47003",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/"
},
{
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944"
},
{
"name": "RHSA-2019:0975",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0975"
},
{
"url": "https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/"
},
{
"url": "https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/"
},
{
"name": "[dlab-dev] 20190524 [jira] [Created] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "[dlab-dev] 20190524 [jira] [Updated] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "openSUSE-SU-2019:1444",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html"
},
{
"name": "openSUSE-SU-2019:1481",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
},
{
"name": "openSUSE-SU-2019:1499",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html"
},
{
"name": "openSUSE-SU-2019:1506",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "USN-4048-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4048-1/"
},
{
"name": "openSUSE-SU-2019:2021",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
},
{
"name": "FEDORA-2019-2baa1f7b19",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/"
},
{
"name": "FEDORA-2019-c1dac1b3b8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/"
},
{
"name": "[dlab-dev] 20190923 [jira] [Assigned] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "openSUSE-SU-2019:2245",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html"
},
{
"name": "openSUSE-SU-2019:2286",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"name": "GLSA-202003-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202003-21"
},
{
"name": "[dlab-dev] 20200525 [jira] [Deleted] (DLAB-723) Runc vulnerability CVE-2019-5736",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"url": "http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html"
},
{
"url": "http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html"
},
{
"name": "[oss-security] 20240201 runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/31/6"
},
{
"name": "[oss-security] 20240201 Re: runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/01/1"
},
{
"name": "[oss-security] 20240202 Re: Re: runc: CVE-2024-21626: high severity container breakout attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/02/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-5736",
"datePublished": "2019-02-11T00:00:00.000Z",
"dateReserved": "2019-01-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:01:52.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-5736",
"date": "2026-05-30",
"epss": "0.59178",
"percentile": "0.98267"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-5736\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-02-11T19:29:00.297\",\"lastModified\":\"2024-11-21T04:45:24.603\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\"},{\"lang\":\"es\",\"value\":\"runc, hasta la versi\u00f3n 1.0-rc6, tal y como se emplea en Docker, en versiones anteriores a la 18.09.2 y otros productos, permite que los atacantes sobrescriban el binario del host runc (y, as\u00ed, obtengan acceso root al host) aprovechando la capacidad para ejecutar un comando como root con uno de estos tipos de contenedores: (1) un nuevo contenedor con una imagen controlada por el atacante o (2) un contenedor existente, para el cual el atacante contaba previamente con acceso de escritura, que puede adjuntarse con docker exec. Esto ocurre debido a la gesti\u00f3n incorrecta del descriptor de archivos; esto est\u00e1 relacionado con /proc/self/exe.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.09.2\",\"matchCriteriaId\":\"A367C4FA-18DF-402F-B120-254B35F73BD1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.1.1\",\"matchCriteriaId\":\"D522E8C1-E7F0-4A3D-AF68-6D962944A0E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"949172CC-EBB5-47F6-B987-207C802EED0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6D87B50-2849-4F4D-A0F9-4F7EBA3C2647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E580E25-F94C-4DA4-8718-15D5F1C3ADAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD565CE0-D9E9-4FD9-8998-8AC55030FAB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"093326B1-448C-4E3B-886D-CAC8B6813BFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F672C421-789D-4F21-B483-DA3EB251BA1D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:container_development_kit:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FAFDE5-1E73-4874-8F2E-3C74B1955096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785C0A0D-5FF3-43D5-B89F-DCB2D6FDE310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9955945-7509-4542-BF83-B7BA0B4D8D05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52F7AE1-754D-4EE1-8EC1-7765292B4C2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55349BC5-90EC-4954-8CEB-3C37D34742C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:kubernetes_engine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2EB454-D0C9-47FC-B727-1D61A8811967\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.0\",\"matchCriteriaId\":\"1AF77BB2-6F7A-408A-9F54-60F1F53B3709\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onesphere:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41FF9E5A-7BD1-477E-9875-8525FD87B13F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.4.0\",\"versionEndExcluding\":\"1.4.3\",\"matchCriteriaId\":\"CA0695E0-954A-4533-9D93-58257E9EA6D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndExcluding\":\"1.5.3\",\"matchCriteriaId\":\"B51B8DF0-FCE4-42A7-A582-0476226C6188\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.6.0\",\"versionEndExcluding\":\"1.6.2\",\"matchCriteriaId\":\"01878119-E05A-469B-B49D-5D19082CED28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.7.0\",\"versionEndExcluding\":\"1.7.2\",\"matchCriteriaId\":\"1AB1BB7C-46A1-4676-9D15-D75EC1E4594C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"40513095-7E6E-46B3-B604-C926F1BA3568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:d2iq:kubernetes_engine:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0-1.13.3\",\"matchCriteriaId\":\"632B24FA-F2D6-42B0-87C7-7F142E15EFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:d2iq:dc\\\\/os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.10.10\",\"matchCriteriaId\":\"0AD20FA7-737F-47C0-B2AC-735438253AA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:d2iq:dc\\\\/os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.10.11\",\"versionEndExcluding\":\"1.11.9\",\"matchCriteriaId\":\"5E5AE03E-3AC4-4439-9D0D-45E097B2552C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:d2iq:dc\\\\/os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11.10\",\"versionEndExcluding\":\"1.12.1\",\"matchCriteriaId\":\"E2F3078E-08E0-4C76-A7A3-A93B953BEDD5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DCFB2E7-D769-4365-9B99-952907563749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3909E337-F1FC-45C8-A120-EEBDBFB0E4D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"934D6CB3-E159-40F4-8E5B-CDDDD824CAA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C0FD9D-6117-40DE-9386-7327867F9615\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/03/23/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/31/6\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/02/01/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/02/02/3\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/106976\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0303\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0304\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0401\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0408\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0975\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2019-5736\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/runcescape\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2019-002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://brauner.github.io/2019/02/12/privileged-containers.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1121967\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/Frichetten/CVE-2019-5736-PoC\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/docker/docker-ce/releases/tag/v18.09.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/q3k/cve-2019-5736-poc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/rancher/runc-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202003-21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190307-0008/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03913en_us\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4048-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/46359/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/46369/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2019/02/11/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_06\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/163339/Docker-Container-Escape.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165197/Docker-runc-Command-Execution-Proof-Of-Concept.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/03/23/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/31/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/02/01/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/02/02/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/106976\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0303\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0408\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0975\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2019-5736\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/runcescape\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2019-002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://brauner.github.io/2019/02/12/privileged-containers.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1121967\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/Frichetten/CVE-2019-5736-PoC\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/docker/docker-ce/releases/tag/v18.09.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/q3k/cve-2019-5736-poc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/rancher/runc-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/24e54e3c6b2259e3903b6b8fe26896ac649c481ea99c5739468c92a3%40%3Cdev.dlab.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/a258757af84c5074dc7bf932622020fd4f60cef65a84290380386706%40%3Cuser.mesos.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/a585f64d14c31ab393b90c5f17e41d9765a1a17eec63856ce750af46%40%3Cdev.dlab.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/acacf018c12636e41667e94ac0a1e9244e887eef2debdd474640aa6e%40%3Cdev.dlab.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc494623986d76593873ce5a40dd69cb3629400d10750d5d7e96b8587%40%3Cdev.dlab.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLC52IOJN6IQJWJ6CUI6AIUP6GVVG2QP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGZKRCKI3Y7FMADO2MENMT4TU24QGHFR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFJGIPYAAAMVSWWI3QWYXGA3ZBU2H4W/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6A4OSFM5GGOWW4ECELV5OHX2XRAUSPH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202003-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190307-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03410944\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03913en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4048-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/46359/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/46369/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2019/02/11/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
SUSE-SU-2019:0385-1
Vulnerability from csaf_suse - Published: 2019-02-13 16:56 - Updated: 2019-02-13 16:56Summary
Security update for docker-runc
Severity
Important
Notes
Title of the patch: Security update for docker-runc
Description of the patch: This update for docker-runc fixes the following issues:
Security issue fixed:
- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid
write attacks to the host runc binary, which could lead to a container
breakout (bsc#1121967)
Patchnames: SUSE-2019-385,SUSE-OpenStack-Cloud-6-LTSS-2019-385,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-385,SUSE-SLE-Module-Containers-12-2019-385
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker-runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker-runc fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid\n write attacks to the host runc binary, which could lead to a container\n breakout (bsc#1121967)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-385,SUSE-OpenStack-Cloud-6-LTSS-2019-385,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-385,SUSE-SLE-Module-Containers-12-2019-385",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0385-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0385-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190385-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0385-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005114.html"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
}
],
"title": "Security update for docker-runc",
"tracking": {
"current_release_date": "2019-02-13T16:56:08Z",
"generator": {
"date": "2019-02-13T16:56:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0385-1",
"initial_release_date": "2019-02-13T16:56:08Z",
"revision_history": [
{
"date": "2019-02-13T16:56:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64",
"product": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64",
"product_id": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586",
"product": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586",
"product_id": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586",
"product_id": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch",
"product": {
"name": "docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch",
"product_id": "docker-runc-kubic-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch",
"product": {
"name": "docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch",
"product_id": "docker-runc-test-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"product_id": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"product": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"product_id": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"product_id": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"product": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"product_id": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6-LTSS",
"product": {
"name": "SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-ltss:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 12",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x"
},
"product_reference": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-13T16:56:08Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
}
]
}
SUSE-SU-2019:0495-1
Vulnerability from csaf_suse - Published: 2019-02-26 15:42 - Updated: 2019-02-26 15:42Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Description of the patch: This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:
Security issues fixed:
- CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).
- CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).
- CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).
- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container
breakout (bsc#1121967).
Other changes and fixes:
- Update shell completion to use Group: System/Shells.
- Add daemon.json file with rotation logs configuration (bsc#1114832)
- Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84.
See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
- Update go requirements to >= go1.10
- Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).
- Remove the usage of 'cp -r' to reduce noise in the build logs.
Patchnames: SUSE-2019-495,SUSE-SLE-Module-Containers-15-2019-495,SUSE-SLE-Module-Development-Tools-OBS-15-2019-495
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).\n- CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).\n- CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).\n- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container\n breakout (bsc#1121967).\n\nOther changes and fixes: \n\n- Update shell completion to use Group: System/Shells.\n- Add daemon.json file with rotation logs configuration (bsc#1114832)\n- Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84.\n See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.\n- Update go requirements to \u003e= go1.10 \n- Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).\n- Remove the usage of \u0027cp -r\u0027 to reduce noise in the build logs.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-495,SUSE-SLE-Module-Containers-15-2019-495,SUSE-SLE-Module-Development-Tools-OBS-15-2019-495",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0495-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0495-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190495-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0495-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005155.html"
},
{
"category": "self",
"summary": "SUSE Bug 1048046",
"url": "https://bugzilla.suse.com/1048046"
},
{
"category": "self",
"summary": "SUSE Bug 1051429",
"url": "https://bugzilla.suse.com/1051429"
},
{
"category": "self",
"summary": "SUSE Bug 1114832",
"url": "https://bugzilla.suse.com/1114832"
},
{
"category": "self",
"summary": "SUSE Bug 1118897",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "self",
"summary": "SUSE Bug 1118898",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "self",
"summary": "SUSE Bug 1118899",
"url": "https://bugzilla.suse.com/1118899"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1124308",
"url": "https://bugzilla.suse.com/1124308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
}
],
"title": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc",
"tracking": {
"current_release_date": "2019-02-26T15:42:38Z",
"generator": {
"date": "2019-02-26T15:42:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0495-1",
"initial_release_date": "2019-02-26T15:42:38Z",
"revision_history": [
{
"date": "2019-02-26T15:42:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-5.9.1.aarch64",
"product": {
"name": "containerd-1.2.2-5.9.1.aarch64",
"product_id": "containerd-1.2.2-5.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-5.9.1.aarch64",
"product": {
"name": "containerd-ctr-1.2.2-5.9.1.aarch64",
"product_id": "containerd-ctr-1.2.2-5.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-5.9.1.aarch64",
"product": {
"name": "containerd-kubic-1.2.2-5.9.1.aarch64",
"product_id": "containerd-kubic-1.2.2-5.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-5.9.1.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.2-5.9.1.aarch64",
"product_id": "containerd-kubic-ctr-1.2.2-5.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-6.14.1.aarch64",
"product": {
"name": "docker-18.09.1_ce-6.14.1.aarch64",
"product_id": "docker-18.09.1_ce-6.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-6.14.1.aarch64",
"product": {
"name": "docker-kubic-18.09.1_ce-6.14.1.aarch64",
"product_id": "docker-kubic-18.09.1_ce-6.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-6.14.1.aarch64",
"product": {
"name": "docker-kubic-test-18.09.1_ce-6.14.1.aarch64",
"product_id": "docker-kubic-test-18.09.1_ce-6.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-6.14.1.aarch64",
"product": {
"name": "docker-test-18.09.1_ce-6.14.1.aarch64",
"product_id": "docker-test-18.09.1_ce-6.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc6-1.3.1.aarch64",
"product": {
"name": "runc-1.0.0~rc6-1.3.1.aarch64",
"product_id": "runc-1.0.0~rc6-1.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-5.9.1.i586",
"product": {
"name": "containerd-1.2.2-5.9.1.i586",
"product_id": "containerd-1.2.2-5.9.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-5.9.1.i586",
"product": {
"name": "containerd-ctr-1.2.2-5.9.1.i586",
"product_id": "containerd-ctr-1.2.2-5.9.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-5.9.1.i586",
"product": {
"name": "containerd-kubic-1.2.2-5.9.1.i586",
"product_id": "containerd-kubic-1.2.2-5.9.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-5.9.1.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.2-5.9.1.i586",
"product_id": "containerd-kubic-ctr-1.2.2-5.9.1.i586"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-6.14.1.i586",
"product": {
"name": "docker-18.09.1_ce-6.14.1.i586",
"product_id": "docker-18.09.1_ce-6.14.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-6.14.1.i586",
"product": {
"name": "docker-test-18.09.1_ce-6.14.1.i586",
"product_id": "docker-test-18.09.1_ce-6.14.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.i586"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc6-1.3.1.i586",
"product": {
"name": "runc-1.0.0~rc6-1.3.1.i586",
"product_id": "runc-1.0.0~rc6-1.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-kubic-test-1.2.2-5.9.1.noarch",
"product": {
"name": "containerd-kubic-test-1.2.2-5.9.1.noarch",
"product_id": "containerd-kubic-test-1.2.2-5.9.1.noarch"
}
},
{
"category": "product_version",
"name": "containerd-test-1.2.2-5.9.1.noarch",
"product": {
"name": "containerd-test-1.2.2-5.9.1.noarch",
"product_id": "containerd-test-1.2.2-5.9.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"product": {
"name": "docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"product_id": "docker-bash-completion-18.09.1_ce-6.14.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-18.09.1_ce-6.14.1.noarch",
"product": {
"name": "docker-kubic-bash-completion-18.09.1_ce-6.14.1.noarch",
"product_id": "docker-kubic-bash-completion-18.09.1_ce-6.14.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-18.09.1_ce-6.14.1.noarch",
"product": {
"name": "docker-kubic-zsh-completion-18.09.1_ce-6.14.1.noarch",
"product_id": "docker-kubic-zsh-completion-18.09.1_ce-6.14.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch",
"product": {
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch",
"product_id": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch",
"product": {
"name": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch",
"product_id": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-18.09.1_ce-6.14.1.noarch",
"product": {
"name": "docker-zsh-completion-18.09.1_ce-6.14.1.noarch",
"product_id": "docker-zsh-completion-18.09.1_ce-6.14.1.noarch"
}
},
{
"category": "product_version",
"name": "runc-test-1.0.0~rc6-1.3.1.noarch",
"product": {
"name": "runc-test-1.0.0~rc6-1.3.1.noarch",
"product_id": "runc-test-1.0.0~rc6-1.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-5.9.1.ppc64le",
"product": {
"name": "containerd-1.2.2-5.9.1.ppc64le",
"product_id": "containerd-1.2.2-5.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-5.9.1.ppc64le",
"product": {
"name": "containerd-ctr-1.2.2-5.9.1.ppc64le",
"product_id": "containerd-ctr-1.2.2-5.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-5.9.1.ppc64le",
"product": {
"name": "containerd-kubic-1.2.2-5.9.1.ppc64le",
"product_id": "containerd-kubic-1.2.2-5.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-5.9.1.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.2-5.9.1.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.2-5.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-6.14.1.ppc64le",
"product": {
"name": "docker-18.09.1_ce-6.14.1.ppc64le",
"product_id": "docker-18.09.1_ce-6.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-6.14.1.ppc64le",
"product": {
"name": "docker-kubic-18.09.1_ce-6.14.1.ppc64le",
"product_id": "docker-kubic-18.09.1_ce-6.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-6.14.1.ppc64le",
"product": {
"name": "docker-kubic-test-18.09.1_ce-6.14.1.ppc64le",
"product_id": "docker-kubic-test-18.09.1_ce-6.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-6.14.1.ppc64le",
"product": {
"name": "docker-test-18.09.1_ce-6.14.1.ppc64le",
"product_id": "docker-test-18.09.1_ce-6.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc6-1.3.1.ppc64le",
"product": {
"name": "runc-1.0.0~rc6-1.3.1.ppc64le",
"product_id": "runc-1.0.0~rc6-1.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-5.9.1.s390x",
"product": {
"name": "containerd-1.2.2-5.9.1.s390x",
"product_id": "containerd-1.2.2-5.9.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-5.9.1.s390x",
"product": {
"name": "containerd-ctr-1.2.2-5.9.1.s390x",
"product_id": "containerd-ctr-1.2.2-5.9.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-5.9.1.s390x",
"product": {
"name": "containerd-kubic-1.2.2-5.9.1.s390x",
"product_id": "containerd-kubic-1.2.2-5.9.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-5.9.1.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.2-5.9.1.s390x",
"product_id": "containerd-kubic-ctr-1.2.2-5.9.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-6.14.1.s390x",
"product": {
"name": "docker-18.09.1_ce-6.14.1.s390x",
"product_id": "docker-18.09.1_ce-6.14.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-6.14.1.s390x",
"product": {
"name": "docker-kubic-18.09.1_ce-6.14.1.s390x",
"product_id": "docker-kubic-18.09.1_ce-6.14.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-6.14.1.s390x",
"product": {
"name": "docker-kubic-test-18.09.1_ce-6.14.1.s390x",
"product_id": "docker-kubic-test-18.09.1_ce-6.14.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-6.14.1.s390x",
"product": {
"name": "docker-test-18.09.1_ce-6.14.1.s390x",
"product_id": "docker-test-18.09.1_ce-6.14.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc6-1.3.1.s390x",
"product": {
"name": "runc-1.0.0~rc6-1.3.1.s390x",
"product_id": "runc-1.0.0~rc6-1.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-5.9.1.x86_64",
"product": {
"name": "containerd-1.2.2-5.9.1.x86_64",
"product_id": "containerd-1.2.2-5.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-5.9.1.x86_64",
"product": {
"name": "containerd-ctr-1.2.2-5.9.1.x86_64",
"product_id": "containerd-ctr-1.2.2-5.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-5.9.1.x86_64",
"product": {
"name": "containerd-kubic-1.2.2-5.9.1.x86_64",
"product_id": "containerd-kubic-1.2.2-5.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-5.9.1.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.2-5.9.1.x86_64",
"product_id": "containerd-kubic-ctr-1.2.2-5.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-6.14.1.x86_64",
"product": {
"name": "docker-18.09.1_ce-6.14.1.x86_64",
"product_id": "docker-18.09.1_ce-6.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-6.14.1.x86_64",
"product": {
"name": "docker-kubic-18.09.1_ce-6.14.1.x86_64",
"product_id": "docker-kubic-18.09.1_ce-6.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-6.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-6.14.1.x86_64",
"product": {
"name": "docker-kubic-test-18.09.1_ce-6.14.1.x86_64",
"product_id": "docker-kubic-test-18.09.1_ce-6.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-6.14.1.x86_64",
"product": {
"name": "docker-test-18.09.1_ce-6.14.1.x86_64",
"product_id": "docker-test-18.09.1_ce-6.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc6-1.3.1.x86_64",
"product": {
"name": "runc-1.0.0~rc6-1.3.1.x86_64",
"product_id": "runc-1.0.0~rc6-1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-5.9.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le"
},
"product_reference": "containerd-1.2.2-5.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-5.9.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x"
},
"product_reference": "containerd-1.2.2-5.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-5.9.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64"
},
"product_reference": "containerd-1.2.2-5.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-6.14.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le"
},
"product_reference": "docker-18.09.1_ce-6.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-6.14.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x"
},
"product_reference": "docker-18.09.1_ce-6.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-6.14.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64"
},
"product_reference": "docker-18.09.1_ce-6.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-18.09.1_ce-6.14.1.noarch as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch"
},
"product_reference": "docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-26T15:42:38Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-26T15:42:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-26T15:42:38Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.2-5.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.1_ce-6.14.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.1_ce-6.14.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-26T15:42:38Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
}
]
}
SUSE-SU-2019:0573-1
Vulnerability from csaf_suse - Published: 2019-03-08 12:49 - Updated: 2019-03-08 12:49Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Description of the patch: This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:
Security issues fixed:
- CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).
- CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).
- CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).
- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container
breakout (bsc#1121967).
Other changes and bug fixes:
- Update shell completion to use Group: System/Shells.
- Add daemon.json file with rotation logs configuration (bsc#1114832)
- Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84.
See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
- Disable leap based builds for kubic flavor (bsc#1121412).
- Allow users to explicitly specify the NIS domain name of a container (bsc#1001161).
- Update docker.service to match upstream and avoid rlimit problems (bsc#1112980).
- Update go requirements to >= go1.10
- Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).
- Remove the usage of 'cp -r' to reduce noise in the build logs.
Patchnames: SUSE-2019-573,SUSE-OpenStack-Cloud-6-LTSS-2019-573,SUSE-SLE-Module-Containers-12-2019-573
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.4 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).\n- CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).\n- CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).\n- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container\n breakout (bsc#1121967).\n\nOther changes and bug fixes:\n\n- Update shell completion to use Group: System/Shells.\n- Add daemon.json file with rotation logs configuration (bsc#1114832)\n- Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84.\n See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.\n- Disable leap based builds for kubic flavor (bsc#1121412).\n- Allow users to explicitly specify the NIS domain name of a container (bsc#1001161).\n- Update docker.service to match upstream and avoid rlimit problems (bsc#1112980).\n- Update go requirements to \u003e= go1.10 \n- Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).\n- Remove the usage of \u0027cp -r\u0027 to reduce noise in the build logs.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-573,SUSE-OpenStack-Cloud-6-LTSS-2019-573,SUSE-SLE-Module-Containers-12-2019-573",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0573-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0573-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190573-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0573-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005178.html"
},
{
"category": "self",
"summary": "SUSE Bug 1001161",
"url": "https://bugzilla.suse.com/1001161"
},
{
"category": "self",
"summary": "SUSE Bug 1048046",
"url": "https://bugzilla.suse.com/1048046"
},
{
"category": "self",
"summary": "SUSE Bug 1051429",
"url": "https://bugzilla.suse.com/1051429"
},
{
"category": "self",
"summary": "SUSE Bug 1112980",
"url": "https://bugzilla.suse.com/1112980"
},
{
"category": "self",
"summary": "SUSE Bug 1114832",
"url": "https://bugzilla.suse.com/1114832"
},
{
"category": "self",
"summary": "SUSE Bug 1118897",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "self",
"summary": "SUSE Bug 1118898",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "self",
"summary": "SUSE Bug 1118899",
"url": "https://bugzilla.suse.com/1118899"
},
{
"category": "self",
"summary": "SUSE Bug 1121412",
"url": "https://bugzilla.suse.com/1121412"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1124308",
"url": "https://bugzilla.suse.com/1124308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9962 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
}
],
"title": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc",
"tracking": {
"current_release_date": "2019-03-08T12:49:44Z",
"generator": {
"date": "2019-03-08T12:49:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0573-1",
"initial_release_date": "2019-03-08T12:49:44Z",
"revision_history": [
{
"date": "2019-03-08T12:49:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-16.14.2.aarch64",
"product": {
"name": "containerd-1.2.2-16.14.2.aarch64",
"product_id": "containerd-1.2.2-16.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-16.14.2.aarch64",
"product": {
"name": "containerd-ctr-1.2.2-16.14.2.aarch64",
"product_id": "containerd-ctr-1.2.2-16.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-16.14.2.aarch64",
"product": {
"name": "containerd-kubic-1.2.2-16.14.2.aarch64",
"product_id": "containerd-kubic-1.2.2-16.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-16.14.2.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.2-16.14.2.aarch64",
"product_id": "containerd-kubic-ctr-1.2.2-16.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-98.34.2.aarch64",
"product": {
"name": "docker-18.09.1_ce-98.34.2.aarch64",
"product_id": "docker-18.09.1_ce-98.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-98.34.2.aarch64",
"product": {
"name": "docker-kubic-18.09.1_ce-98.34.2.aarch64",
"product_id": "docker-kubic-18.09.1_ce-98.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-98.34.2.aarch64",
"product": {
"name": "docker-kubic-test-18.09.1_ce-98.34.2.aarch64",
"product_id": "docker-kubic-test-18.09.1_ce-98.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-98.34.2.aarch64",
"product": {
"name": "docker-test-18.09.1_ce-98.34.2.aarch64",
"product_id": "docker-test-18.09.1_ce-98.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-16.14.2.i586",
"product": {
"name": "containerd-1.2.2-16.14.2.i586",
"product_id": "containerd-1.2.2-16.14.2.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-16.14.2.i586",
"product": {
"name": "containerd-ctr-1.2.2-16.14.2.i586",
"product_id": "containerd-ctr-1.2.2-16.14.2.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-16.14.2.i586",
"product": {
"name": "containerd-kubic-1.2.2-16.14.2.i586",
"product_id": "containerd-kubic-1.2.2-16.14.2.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-16.14.2.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.2-16.14.2.i586",
"product_id": "containerd-kubic-ctr-1.2.2-16.14.2.i586"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-98.34.2.i586",
"product": {
"name": "docker-18.09.1_ce-98.34.2.i586",
"product_id": "docker-18.09.1_ce-98.34.2.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.i586"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-98.34.2.i586",
"product": {
"name": "docker-test-18.09.1_ce-98.34.2.i586",
"product_id": "docker-test-18.09.1_ce-98.34.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-kubic-test-1.2.2-16.14.2.noarch",
"product": {
"name": "containerd-kubic-test-1.2.2-16.14.2.noarch",
"product_id": "containerd-kubic-test-1.2.2-16.14.2.noarch"
}
},
{
"category": "product_version",
"name": "containerd-test-1.2.2-16.14.2.noarch",
"product": {
"name": "containerd-test-1.2.2-16.14.2.noarch",
"product_id": "containerd-test-1.2.2-16.14.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-18.09.1_ce-98.34.2.noarch",
"product": {
"name": "docker-bash-completion-18.09.1_ce-98.34.2.noarch",
"product_id": "docker-bash-completion-18.09.1_ce-98.34.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-18.09.1_ce-98.34.2.noarch",
"product": {
"name": "docker-kubic-bash-completion-18.09.1_ce-98.34.2.noarch",
"product_id": "docker-kubic-bash-completion-18.09.1_ce-98.34.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-18.09.1_ce-98.34.2.noarch",
"product": {
"name": "docker-kubic-zsh-completion-18.09.1_ce-98.34.2.noarch",
"product_id": "docker-kubic-zsh-completion-18.09.1_ce-98.34.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch",
"product": {
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch",
"product_id": "docker-runc-kubic-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch",
"product": {
"name": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch",
"product_id": "docker-runc-test-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-18.09.1_ce-98.34.2.noarch",
"product": {
"name": "docker-zsh-completion-18.09.1_ce-98.34.2.noarch",
"product_id": "docker-zsh-completion-18.09.1_ce-98.34.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-16.14.2.ppc64le",
"product": {
"name": "containerd-1.2.2-16.14.2.ppc64le",
"product_id": "containerd-1.2.2-16.14.2.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-16.14.2.ppc64le",
"product": {
"name": "containerd-ctr-1.2.2-16.14.2.ppc64le",
"product_id": "containerd-ctr-1.2.2-16.14.2.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-16.14.2.ppc64le",
"product": {
"name": "containerd-kubic-1.2.2-16.14.2.ppc64le",
"product_id": "containerd-kubic-1.2.2-16.14.2.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-16.14.2.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.2-16.14.2.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.2-16.14.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-98.34.2.ppc64le",
"product": {
"name": "docker-18.09.1_ce-98.34.2.ppc64le",
"product_id": "docker-18.09.1_ce-98.34.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-98.34.2.ppc64le",
"product": {
"name": "docker-kubic-18.09.1_ce-98.34.2.ppc64le",
"product_id": "docker-kubic-18.09.1_ce-98.34.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-98.34.2.ppc64le",
"product": {
"name": "docker-kubic-test-18.09.1_ce-98.34.2.ppc64le",
"product_id": "docker-kubic-test-18.09.1_ce-98.34.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-98.34.2.ppc64le",
"product": {
"name": "docker-test-18.09.1_ce-98.34.2.ppc64le",
"product_id": "docker-test-18.09.1_ce-98.34.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-16.14.2.s390x",
"product": {
"name": "containerd-1.2.2-16.14.2.s390x",
"product_id": "containerd-1.2.2-16.14.2.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-16.14.2.s390x",
"product": {
"name": "containerd-ctr-1.2.2-16.14.2.s390x",
"product_id": "containerd-ctr-1.2.2-16.14.2.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-16.14.2.s390x",
"product": {
"name": "containerd-kubic-1.2.2-16.14.2.s390x",
"product_id": "containerd-kubic-1.2.2-16.14.2.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-16.14.2.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.2-16.14.2.s390x",
"product_id": "containerd-kubic-ctr-1.2.2-16.14.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-98.34.2.s390x",
"product": {
"name": "docker-18.09.1_ce-98.34.2.s390x",
"product_id": "docker-18.09.1_ce-98.34.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-98.34.2.s390x",
"product": {
"name": "docker-kubic-18.09.1_ce-98.34.2.s390x",
"product_id": "docker-kubic-18.09.1_ce-98.34.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-98.34.2.s390x",
"product": {
"name": "docker-kubic-test-18.09.1_ce-98.34.2.s390x",
"product_id": "docker-kubic-test-18.09.1_ce-98.34.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-98.34.2.s390x",
"product": {
"name": "docker-test-18.09.1_ce-98.34.2.s390x",
"product_id": "docker-test-18.09.1_ce-98.34.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.2-16.14.2.x86_64",
"product": {
"name": "containerd-1.2.2-16.14.2.x86_64",
"product_id": "containerd-1.2.2-16.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.2-16.14.2.x86_64",
"product": {
"name": "containerd-ctr-1.2.2-16.14.2.x86_64",
"product_id": "containerd-ctr-1.2.2-16.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.2-16.14.2.x86_64",
"product": {
"name": "containerd-kubic-1.2.2-16.14.2.x86_64",
"product_id": "containerd-kubic-1.2.2-16.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.2-16.14.2.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.2-16.14.2.x86_64",
"product_id": "containerd-kubic-ctr-1.2.2-16.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-18.09.1_ce-98.34.2.x86_64",
"product": {
"name": "docker-18.09.1_ce-98.34.2.x86_64",
"product_id": "docker-18.09.1_ce-98.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.1_ce-98.34.2.x86_64",
"product": {
"name": "docker-kubic-18.09.1_ce-98.34.2.x86_64",
"product_id": "docker-kubic-18.09.1_ce-98.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.1_ce-98.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.1_ce-98.34.2.x86_64",
"product": {
"name": "docker-kubic-test-18.09.1_ce-98.34.2.x86_64",
"product_id": "docker-kubic-test-18.09.1_ce-98.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"product_id": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.1_ce-98.34.2.x86_64",
"product": {
"name": "docker-test-18.09.1_ce-98.34.2.x86_64",
"product_id": "docker-test-18.09.1_ce-98.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6-LTSS",
"product": {
"name": "SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-ltss:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 12",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-16.14.2.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64"
},
"product_reference": "containerd-1.2.2-16.14.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-98.34.2.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64"
},
"product_reference": "docker-18.09.1_ce-98.34.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-16.14.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le"
},
"product_reference": "containerd-1.2.2-16.14.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-16.14.2.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x"
},
"product_reference": "containerd-1.2.2-16.14.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.2-16.14.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64"
},
"product_reference": "containerd-1.2.2-16.14.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-98.34.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le"
},
"product_reference": "docker-18.09.1_ce-98.34.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-98.34.2.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x"
},
"product_reference": "docker-18.09.1_ce-98.34.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.1_ce-98.34.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64"
},
"product_reference": "docker-18.09.1_ce-98.34.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9962"
}
],
"notes": [
{
"category": "general",
"text": "RunC allowed additional container processes via \u0027runc exec\u0027 to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9962",
"url": "https://www.suse.com/security/cve/CVE-2016-9962"
},
{
"category": "external",
"summary": "SUSE Bug 1012568 for CVE-2016-9962",
"url": "https://bugzilla.suse.com/1012568"
},
{
"category": "external",
"summary": "SUSE Bug 1173425 for CVE-2016-9962",
"url": "https://bugzilla.suse.com/1173425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-08T12:49:44Z",
"details": "moderate"
}
],
"title": "CVE-2016-9962"
},
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-08T12:49:44Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-08T12:49:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-08T12:49:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.2-16.14.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.2-16.14.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-18.09.1_ce-98.34.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-16.2.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-1.17.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-08T12:49:44Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
}
]
}
SUSE-SU-2019:1234-1
Vulnerability from csaf_suse - Published: 2019-05-14 16:31 - Updated: 2019-05-14 16:31Summary
Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Description of the patch: This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:
Security issues fixed:
- CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).
- CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).
- CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).
- CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).
- CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).
Other changes and bug fixes:
- Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).
- docker-test: Improvements to test packaging (bsc#1128746).
- Move daemon.json file to /etc/docker directory (bsc#1114832).
- Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209).
- Fix go build failures (bsc#1121397).
Patchnames: SUSE-2019-1234,SUSE-SLE-Module-Containers-15-2019-1234,SUSE-SLE-Module-Development-Tools-OBS-15-2019-1234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).\n- CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).\n- CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).\n- CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).\n- CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).\n\nOther changes and bug fixes:\n\n- Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).\n- Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).\n- Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).\n- docker-test: Improvements to test packaging (bsc#1128746).\n- Move daemon.json file to /etc/docker directory (bsc#1114832).\n- Revert golang(API) removal since it turns out this breaks \u003e= requires in certain cases (bsc#1114209).\n- Fix go build failures (bsc#1121397).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-1234,SUSE-SLE-Module-Containers-15-2019-1234,SUSE-SLE-Module-Development-Tools-OBS-15-2019-1234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1234-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:1234-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191234-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:1234-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-May/005452.html"
},
{
"category": "self",
"summary": "SUSE Bug 1114209",
"url": "https://bugzilla.suse.com/1114209"
},
{
"category": "self",
"summary": "SUSE Bug 1114832",
"url": "https://bugzilla.suse.com/1114832"
},
{
"category": "self",
"summary": "SUSE Bug 1118897",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "self",
"summary": "SUSE Bug 1118898",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "self",
"summary": "SUSE Bug 1118899",
"url": "https://bugzilla.suse.com/1118899"
},
{
"category": "self",
"summary": "SUSE Bug 1121397",
"url": "https://bugzilla.suse.com/1121397"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1123013",
"url": "https://bugzilla.suse.com/1123013"
},
{
"category": "self",
"summary": "SUSE Bug 1128376",
"url": "https://bugzilla.suse.com/1128376"
},
{
"category": "self",
"summary": "SUSE Bug 1128746",
"url": "https://bugzilla.suse.com/1128746"
},
{
"category": "self",
"summary": "SUSE Bug 1134068",
"url": "https://bugzilla.suse.com/1134068"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6486 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6486/"
}
],
"title": "Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork",
"tracking": {
"current_release_date": "2019-05-14T16:31:56Z",
"generator": {
"date": "2019-05-14T16:31:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:1234-1",
"initial_release_date": "2019-05-14T16:31:56Z",
"revision_history": [
{
"date": "2019-05-14T16:31:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-1.2.5-5.13.1.aarch64",
"product_id": "containerd-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.aarch64",
"product_id": "containerd-ctr-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.aarch64",
"product_id": "containerd-kubic-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-test-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.aarch64",
"product": {
"name": "go-1.12-3.10.1.aarch64",
"product_id": "go-1.12-3.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.aarch64",
"product": {
"name": "go-doc-1.12-3.10.1.aarch64",
"product_id": "go-doc-1.12-3.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.aarch64",
"product": {
"name": "go1.11-1.11.9-1.12.1.aarch64",
"product_id": "go1.11-1.11.9-1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.aarch64",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.aarch64",
"product_id": "go1.11-doc-1.11.9-1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.aarch64",
"product": {
"name": "go1.12-1.12.4-1.9.1.aarch64",
"product_id": "go1.12-1.12.4-1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.aarch64",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.aarch64",
"product_id": "go1.12-doc-1.12.4-1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-1.2.5-5.13.1.i586",
"product_id": "containerd-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.i586",
"product_id": "containerd-ctr-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.i586",
"product_id": "containerd-kubic-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.i586",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.i586",
"product": {
"name": "docker-18.09.6_ce-6.17.1.i586",
"product_id": "docker-18.09.6_ce-6.17.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.i586",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.i586",
"product_id": "docker-test-18.09.6_ce-6.17.1.i586"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.i586",
"product": {
"name": "go-1.12-3.10.1.i586",
"product_id": "go-1.12-3.10.1.i586"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.i586",
"product": {
"name": "go-doc-1.12-3.10.1.i586",
"product_id": "go-doc-1.12-3.10.1.i586"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.i586",
"product": {
"name": "go1.11-1.11.9-1.12.1.i586",
"product_id": "go1.11-1.11.9-1.12.1.i586"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.i586",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.i586",
"product_id": "go1.11-doc-1.11.9-1.12.1.i586"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.i586",
"product": {
"name": "go1.12-1.12.4-1.9.1.i586",
"product_id": "go1.12-1.12.4-1.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.i586",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.i586",
"product_id": "go1.12-doc-1.12.4-1.9.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-kubic-test-1.2.5-5.13.1.noarch",
"product": {
"name": "containerd-kubic-test-1.2.5-5.13.1.noarch",
"product_id": "containerd-kubic-test-1.2.5-5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "containerd-test-1.2.5-5.13.1.noarch",
"product": {
"name": "containerd-test-1.2.5-5.13.1.noarch",
"product_id": "containerd-test-1.2.5-5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-bash-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product": {
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product_id": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product": {
"name": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product_id": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-ctr-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-kubic-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-test-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.ppc64le",
"product": {
"name": "go-1.12-3.10.1.ppc64le",
"product_id": "go-1.12-3.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.ppc64le",
"product": {
"name": "go-doc-1.12-3.10.1.ppc64le",
"product_id": "go-doc-1.12-3.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.ppc64le",
"product": {
"name": "go1.11-1.11.9-1.12.1.ppc64le",
"product_id": "go1.11-1.11.9-1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.ppc64le",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.ppc64le",
"product_id": "go1.11-doc-1.11.9-1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.ppc64le",
"product": {
"name": "go1.12-1.12.4-1.9.1.ppc64le",
"product_id": "go1.12-1.12.4-1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.ppc64le",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.ppc64le",
"product_id": "go1.12-doc-1.12.4-1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-1.2.5-5.13.1.s390x",
"product_id": "containerd-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.s390x",
"product_id": "containerd-ctr-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.s390x",
"product_id": "containerd-kubic-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.s390x",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-test-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.s390x",
"product": {
"name": "go-1.12-3.10.1.s390x",
"product_id": "go-1.12-3.10.1.s390x"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.s390x",
"product": {
"name": "go-doc-1.12-3.10.1.s390x",
"product_id": "go-doc-1.12-3.10.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.s390x",
"product": {
"name": "go1.11-1.11.9-1.12.1.s390x",
"product_id": "go1.11-1.11.9-1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.s390x",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.s390x",
"product_id": "go1.11-doc-1.11.9-1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.s390x",
"product": {
"name": "go1.12-1.12.4-1.9.1.s390x",
"product_id": "go1.12-1.12.4-1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.s390x",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.s390x",
"product_id": "go1.12-doc-1.12.4-1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-1.2.5-5.13.1.x86_64",
"product_id": "containerd-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.x86_64",
"product_id": "containerd-ctr-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.x86_64",
"product_id": "containerd-kubic-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-test-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.x86_64",
"product": {
"name": "go-1.12-3.10.1.x86_64",
"product_id": "go-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.x86_64",
"product": {
"name": "go-doc-1.12-3.10.1.x86_64",
"product_id": "go-doc-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-race-1.12-3.10.1.x86_64",
"product": {
"name": "go-race-1.12-3.10.1.x86_64",
"product_id": "go-race-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-doc-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-race-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-race-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-race-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-doc-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-race-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-race-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-race-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le"
},
"product_reference": "containerd-1.2.5-5.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x"
},
"product_reference": "containerd-1.2.5-5.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64"
},
"product_reference": "containerd-1.2.5-5.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le"
},
"product_reference": "docker-18.09.6_ce-6.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x"
},
"product_reference": "docker-18.09.6_ce-6.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64"
},
"product_reference": "docker-18.09.6_ce-6.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch"
},
"product_reference": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-05-14T16:31:56Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-05-14T16:31:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-05-14T16:31:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-05-14T16:31:56Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
},
{
"cve": "CVE-2019-6486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6486"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6486",
"url": "https://www.suse.com/security/cve/CVE-2019-6486"
},
{
"category": "external",
"summary": "SUSE Bug 1123013 for CVE-2019-6486",
"url": "https://bugzilla.suse.com/1123013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-05-14T16:31:56Z",
"details": "low"
}
],
"title": "CVE-2019-6486"
}
]
}
SUSE-SU-2019:1234-2
Vulnerability from csaf_suse - Published: 2019-06-13 13:28 - Updated: 2019-06-13 13:28Summary
Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Description of the patch: This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:
Security issues fixed:
- CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).
- CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).
- CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).
- CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).
- CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).
Other changes and bug fixes:
- Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).
- docker-test: Improvements to test packaging (bsc#1128746).
- Move daemon.json file to /etc/docker directory (bsc#1114832).
- Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209).
- Fix go build failures (bsc#1121397).
Patchnames: SUSE-2019-1234,SUSE-SLE-Module-Containers-15-SP1-2019-1234,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).\n- CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).\n- CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).\n- CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).\n- CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).\n\nOther changes and bug fixes:\n\n- Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).\n- Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).\n- Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).\n- docker-test: Improvements to test packaging (bsc#1128746).\n- Move daemon.json file to /etc/docker directory (bsc#1114832).\n- Revert golang(API) removal since it turns out this breaks \u003e= requires in certain cases (bsc#1114209).\n- Fix go build failures (bsc#1121397).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-1234,SUSE-SLE-Module-Containers-15-SP1-2019-1234,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1234-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:1234-2",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191234-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:1234-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005557.html"
},
{
"category": "self",
"summary": "SUSE Bug 1114209",
"url": "https://bugzilla.suse.com/1114209"
},
{
"category": "self",
"summary": "SUSE Bug 1114832",
"url": "https://bugzilla.suse.com/1114832"
},
{
"category": "self",
"summary": "SUSE Bug 1118897",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "self",
"summary": "SUSE Bug 1118898",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "self",
"summary": "SUSE Bug 1118899",
"url": "https://bugzilla.suse.com/1118899"
},
{
"category": "self",
"summary": "SUSE Bug 1121397",
"url": "https://bugzilla.suse.com/1121397"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1123013",
"url": "https://bugzilla.suse.com/1123013"
},
{
"category": "self",
"summary": "SUSE Bug 1128376",
"url": "https://bugzilla.suse.com/1128376"
},
{
"category": "self",
"summary": "SUSE Bug 1128746",
"url": "https://bugzilla.suse.com/1128746"
},
{
"category": "self",
"summary": "SUSE Bug 1134068",
"url": "https://bugzilla.suse.com/1134068"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6486 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6486/"
}
],
"title": "Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork",
"tracking": {
"current_release_date": "2019-06-13T13:28:57Z",
"generator": {
"date": "2019-06-13T13:28:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:1234-2",
"initial_release_date": "2019-06-13T13:28:57Z",
"revision_history": [
{
"date": "2019-06-13T13:28:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-1.2.5-5.13.1.aarch64",
"product_id": "containerd-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.aarch64",
"product_id": "containerd-ctr-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.aarch64",
"product_id": "containerd-kubic-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.aarch64",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.aarch64",
"product_id": "docker-test-18.09.6_ce-6.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.aarch64",
"product": {
"name": "go-1.12-3.10.1.aarch64",
"product_id": "go-1.12-3.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.aarch64",
"product": {
"name": "go-doc-1.12-3.10.1.aarch64",
"product_id": "go-doc-1.12-3.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.aarch64",
"product": {
"name": "go1.11-1.11.9-1.12.1.aarch64",
"product_id": "go1.11-1.11.9-1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.aarch64",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.aarch64",
"product_id": "go1.11-doc-1.11.9-1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.aarch64",
"product": {
"name": "go1.12-1.12.4-1.9.1.aarch64",
"product_id": "go1.12-1.12.4-1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.aarch64",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.aarch64",
"product_id": "go1.12-doc-1.12.4-1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-1.2.5-5.13.1.i586",
"product_id": "containerd-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.i586",
"product_id": "containerd-ctr-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.i586",
"product_id": "containerd-kubic-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.i586",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.i586"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.i586",
"product": {
"name": "docker-18.09.6_ce-6.17.1.i586",
"product_id": "docker-18.09.6_ce-6.17.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.i586"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.i586",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.i586",
"product_id": "docker-test-18.09.6_ce-6.17.1.i586"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.i586",
"product": {
"name": "go-1.12-3.10.1.i586",
"product_id": "go-1.12-3.10.1.i586"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.i586",
"product": {
"name": "go-doc-1.12-3.10.1.i586",
"product_id": "go-doc-1.12-3.10.1.i586"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.i586",
"product": {
"name": "go1.11-1.11.9-1.12.1.i586",
"product_id": "go1.11-1.11.9-1.12.1.i586"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.i586",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.i586",
"product_id": "go1.11-doc-1.11.9-1.12.1.i586"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.i586",
"product": {
"name": "go1.12-1.12.4-1.9.1.i586",
"product_id": "go1.12-1.12.4-1.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.i586",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.i586",
"product_id": "go1.12-doc-1.12.4-1.9.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-kubic-test-1.2.5-5.13.1.noarch",
"product": {
"name": "containerd-kubic-test-1.2.5-5.13.1.noarch",
"product_id": "containerd-kubic-test-1.2.5-5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "containerd-test-1.2.5-5.13.1.noarch",
"product": {
"name": "containerd-test-1.2.5-5.13.1.noarch",
"product_id": "containerd-test-1.2.5-5.13.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-bash-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-kubic-bash-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-kubic-zsh-completion-18.09.6_ce-6.17.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product": {
"name": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product_id": "docker-runc-kubic-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product": {
"name": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch",
"product_id": "docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product": {
"name": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch",
"product_id": "docker-zsh-completion-18.09.6_ce-6.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-ctr-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-kubic-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.ppc64le",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.ppc64le",
"product_id": "docker-test-18.09.6_ce-6.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.ppc64le",
"product": {
"name": "go-1.12-3.10.1.ppc64le",
"product_id": "go-1.12-3.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.ppc64le",
"product": {
"name": "go-doc-1.12-3.10.1.ppc64le",
"product_id": "go-doc-1.12-3.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.ppc64le",
"product": {
"name": "go1.11-1.11.9-1.12.1.ppc64le",
"product_id": "go1.11-1.11.9-1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.ppc64le",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.ppc64le",
"product_id": "go1.11-doc-1.11.9-1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.ppc64le",
"product": {
"name": "go1.12-1.12.4-1.9.1.ppc64le",
"product_id": "go1.12-1.12.4-1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.ppc64le",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.ppc64le",
"product_id": "go1.12-doc-1.12.4-1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-1.2.5-5.13.1.s390x",
"product_id": "containerd-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.s390x",
"product_id": "containerd-ctr-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.s390x",
"product_id": "containerd-kubic-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.s390x",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.s390x",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.s390x",
"product_id": "docker-test-18.09.6_ce-6.17.1.s390x"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.s390x",
"product": {
"name": "go-1.12-3.10.1.s390x",
"product_id": "go-1.12-3.10.1.s390x"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.s390x",
"product": {
"name": "go-doc-1.12-3.10.1.s390x",
"product_id": "go-doc-1.12-3.10.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.s390x",
"product": {
"name": "go1.11-1.11.9-1.12.1.s390x",
"product_id": "go1.11-1.11.9-1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.s390x",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.s390x",
"product_id": "go1.11-doc-1.11.9-1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.s390x",
"product": {
"name": "go1.12-1.12.4-1.9.1.s390x",
"product_id": "go1.12-1.12.4-1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.s390x",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.s390x",
"product_id": "go1.12-doc-1.12.4-1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-1.2.5-5.13.1.x86_64",
"product_id": "containerd-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-ctr-1.2.5-5.13.1.x86_64",
"product_id": "containerd-ctr-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-kubic-1.2.5-5.13.1.x86_64",
"product_id": "containerd-kubic-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64",
"product_id": "containerd-kubic-ctr-1.2.5-5.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-kubic-test-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product_id": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-18.09.6_ce-6.17.1.x86_64",
"product": {
"name": "docker-test-18.09.6_ce-6.17.1.x86_64",
"product_id": "docker-test-18.09.6_ce-6.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-1.12-3.10.1.x86_64",
"product": {
"name": "go-1.12-3.10.1.x86_64",
"product_id": "go-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-doc-1.12-3.10.1.x86_64",
"product": {
"name": "go-doc-1.12-3.10.1.x86_64",
"product_id": "go-doc-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go-race-1.12-3.10.1.x86_64",
"product": {
"name": "go-race-1.12-3.10.1.x86_64",
"product_id": "go-race-1.12-3.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-doc-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-doc-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-doc-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.11-race-1.11.9-1.12.1.x86_64",
"product": {
"name": "go1.11-race-1.11.9-1.12.1.x86_64",
"product_id": "go1.11-race-1.11.9-1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-doc-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-doc-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-doc-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.12-race-1.12.4-1.9.1.x86_64",
"product": {
"name": "go1.12-race-1.12.4-1.9.1.x86_64",
"product_id": "go1.12-race-1.12.4-1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64"
},
"product_reference": "containerd-1.2.5-5.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le"
},
"product_reference": "containerd-1.2.5-5.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x"
},
"product_reference": "containerd-1.2.5-5.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.5-5.13.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64"
},
"product_reference": "containerd-1.2.5-5.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64"
},
"product_reference": "docker-18.09.6_ce-6.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le"
},
"product_reference": "docker-18.09.6_ce-6.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x"
},
"product_reference": "docker-18.09.6_ce-6.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-18.09.6_ce-6.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64"
},
"product_reference": "docker-18.09.6_ce-6.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-18.09.6_ce-6.17.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch"
},
"product_reference": "docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-13T13:28:57Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-13T13:28:57Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-13T13:28:57Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-13T13:28:57Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
},
{
"cve": "CVE-2019-6486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6486"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6486",
"url": "https://www.suse.com/security/cve/CVE-2019-6486"
},
{
"category": "external",
"summary": "SUSE Bug 1123013 for CVE-2019-6486",
"url": "https://bugzilla.suse.com/1123013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.5-5.13.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-18.09.6_ce-6.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-18.09.6_ce-6.17.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-13T13:28:57Z",
"details": "low"
}
],
"title": "CVE-2019-6486"
}
]
}
SUSE-SU-2019:2117-1
Vulnerability from csaf_suse - Published: 2019-08-13 12:56 - Updated: 2019-08-13 12:56Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Description of the patch: This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker:
- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).
runc:
- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
- Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).
containerd:
- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
- Update to containerd v1.2.6, which is required by docker (bsc#1139649).
golang-github-docker-libnetwork:
- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).
Patchnames: SUSE-2019-2117,SUSE-SLE-Module-Containers-15-2019-2117,SUSE-SLE-Module-Containers-15-SP1-2019-2117,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2117,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2117
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.3 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.3 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:\n\nDocker:\n\n- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\nrunc:\n\n- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n- Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\ncontainerd:\n\n- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n- Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\ngolang-github-docker-libnetwork:\n\n- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2117,SUSE-SLE-Module-Containers-15-2019-2117,SUSE-SLE-Module-Containers-15-SP1-2019-2117,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2117,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2117",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2117-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2117-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192117-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2117-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-August/005812.html"
},
{
"category": "self",
"summary": "SUSE Bug 1100331",
"url": "https://bugzilla.suse.com/1100331"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1138920",
"url": "https://bugzilla.suse.com/1138920"
},
{
"category": "self",
"summary": "SUSE Bug 1139649",
"url": "https://bugzilla.suse.com/1139649"
},
{
"category": "self",
"summary": "SUSE Bug 1142160",
"url": "https://bugzilla.suse.com/1142160"
},
{
"category": "self",
"summary": "SUSE Bug 1142413",
"url": "https://bugzilla.suse.com/1142413"
},
{
"category": "self",
"summary": "SUSE Bug 1143409",
"url": "https://bugzilla.suse.com/1143409"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10892 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13509 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14271 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
}
],
"title": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork",
"tracking": {
"current_release_date": "2019-08-13T12:56:58Z",
"generator": {
"date": "2019-08-13T12:56:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2117-1",
"initial_release_date": "2019-08-13T12:56:58Z",
"revision_history": [
{
"date": "2019-08-13T12:56:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-5.16.1.aarch64",
"product": {
"name": "containerd-1.2.6-5.16.1.aarch64",
"product_id": "containerd-1.2.6-5.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-5.16.1.aarch64",
"product": {
"name": "containerd-ctr-1.2.6-5.16.1.aarch64",
"product_id": "containerd-ctr-1.2.6-5.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-5.16.1.aarch64",
"product": {
"name": "containerd-kubic-1.2.6-5.16.1.aarch64",
"product_id": "containerd-kubic-1.2.6-5.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-5.16.1.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.6-5.16.1.aarch64",
"product_id": "containerd-kubic-ctr-1.2.6-5.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-6.26.2.aarch64",
"product": {
"name": "docker-19.03.1_ce-6.26.2.aarch64",
"product_id": "docker-19.03.1_ce-6.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-6.26.2.aarch64",
"product": {
"name": "docker-kubic-19.03.1_ce-6.26.2.aarch64",
"product_id": "docker-kubic-19.03.1_ce-6.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-6.26.2.aarch64",
"product": {
"name": "docker-kubic-test-19.03.1_ce-6.26.2.aarch64",
"product_id": "docker-kubic-test-19.03.1_ce-6.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-6.26.2.aarch64",
"product": {
"name": "docker-test-19.03.1_ce-6.26.2.aarch64",
"product_id": "docker-test-19.03.1_ce-6.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-5.16.1.i586",
"product": {
"name": "containerd-1.2.6-5.16.1.i586",
"product_id": "containerd-1.2.6-5.16.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-5.16.1.i586",
"product": {
"name": "containerd-ctr-1.2.6-5.16.1.i586",
"product_id": "containerd-ctr-1.2.6-5.16.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-5.16.1.i586",
"product": {
"name": "containerd-kubic-1.2.6-5.16.1.i586",
"product_id": "containerd-kubic-1.2.6-5.16.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-5.16.1.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.6-5.16.1.i586",
"product_id": "containerd-kubic-ctr-1.2.6-5.16.1.i586"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-6.26.2.i586",
"product": {
"name": "docker-19.03.1_ce-6.26.2.i586",
"product_id": "docker-19.03.1_ce-6.26.2.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.i586"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-6.26.2.i586",
"product": {
"name": "docker-test-19.03.1_ce-6.26.2.i586",
"product_id": "docker-test-19.03.1_ce-6.26.2.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"product": {
"name": "docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"product_id": "docker-bash-completion-19.03.1_ce-6.26.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-19.03.1_ce-6.26.2.noarch",
"product": {
"name": "docker-kubic-bash-completion-19.03.1_ce-6.26.2.noarch",
"product_id": "docker-kubic-bash-completion-19.03.1_ce-6.26.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-19.03.1_ce-6.26.2.noarch",
"product": {
"name": "docker-kubic-zsh-completion-19.03.1_ce-6.26.2.noarch",
"product_id": "docker-kubic-zsh-completion-19.03.1_ce-6.26.2.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-19.03.1_ce-6.26.2.noarch",
"product": {
"name": "docker-zsh-completion-19.03.1_ce-6.26.2.noarch",
"product_id": "docker-zsh-completion-19.03.1_ce-6.26.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-5.16.1.ppc64le",
"product": {
"name": "containerd-1.2.6-5.16.1.ppc64le",
"product_id": "containerd-1.2.6-5.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-5.16.1.ppc64le",
"product": {
"name": "containerd-ctr-1.2.6-5.16.1.ppc64le",
"product_id": "containerd-ctr-1.2.6-5.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-5.16.1.ppc64le",
"product": {
"name": "containerd-kubic-1.2.6-5.16.1.ppc64le",
"product_id": "containerd-kubic-1.2.6-5.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-5.16.1.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.6-5.16.1.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.6-5.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-6.26.2.ppc64le",
"product": {
"name": "docker-19.03.1_ce-6.26.2.ppc64le",
"product_id": "docker-19.03.1_ce-6.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-6.26.2.ppc64le",
"product": {
"name": "docker-kubic-19.03.1_ce-6.26.2.ppc64le",
"product_id": "docker-kubic-19.03.1_ce-6.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-6.26.2.ppc64le",
"product": {
"name": "docker-kubic-test-19.03.1_ce-6.26.2.ppc64le",
"product_id": "docker-kubic-test-19.03.1_ce-6.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-6.26.2.ppc64le",
"product": {
"name": "docker-test-19.03.1_ce-6.26.2.ppc64le",
"product_id": "docker-test-19.03.1_ce-6.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-5.16.1.s390x",
"product": {
"name": "containerd-1.2.6-5.16.1.s390x",
"product_id": "containerd-1.2.6-5.16.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-5.16.1.s390x",
"product": {
"name": "containerd-ctr-1.2.6-5.16.1.s390x",
"product_id": "containerd-ctr-1.2.6-5.16.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-5.16.1.s390x",
"product": {
"name": "containerd-kubic-1.2.6-5.16.1.s390x",
"product_id": "containerd-kubic-1.2.6-5.16.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-5.16.1.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.6-5.16.1.s390x",
"product_id": "containerd-kubic-ctr-1.2.6-5.16.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-6.26.2.s390x",
"product": {
"name": "docker-19.03.1_ce-6.26.2.s390x",
"product_id": "docker-19.03.1_ce-6.26.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-6.26.2.s390x",
"product": {
"name": "docker-kubic-19.03.1_ce-6.26.2.s390x",
"product_id": "docker-kubic-19.03.1_ce-6.26.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-6.26.2.s390x",
"product": {
"name": "docker-kubic-test-19.03.1_ce-6.26.2.s390x",
"product_id": "docker-kubic-test-19.03.1_ce-6.26.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-6.26.2.s390x",
"product": {
"name": "docker-test-19.03.1_ce-6.26.2.s390x",
"product_id": "docker-test-19.03.1_ce-6.26.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-5.16.1.x86_64",
"product": {
"name": "containerd-1.2.6-5.16.1.x86_64",
"product_id": "containerd-1.2.6-5.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-5.16.1.x86_64",
"product": {
"name": "containerd-ctr-1.2.6-5.16.1.x86_64",
"product_id": "containerd-ctr-1.2.6-5.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-5.16.1.x86_64",
"product": {
"name": "containerd-kubic-1.2.6-5.16.1.x86_64",
"product_id": "containerd-kubic-1.2.6-5.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-5.16.1.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.6-5.16.1.x86_64",
"product_id": "containerd-kubic-ctr-1.2.6-5.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-6.26.2.x86_64",
"product": {
"name": "docker-19.03.1_ce-6.26.2.x86_64",
"product_id": "docker-19.03.1_ce-6.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-6.26.2.x86_64",
"product": {
"name": "docker-kubic-19.03.1_ce-6.26.2.x86_64",
"product_id": "docker-kubic-19.03.1_ce-6.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-6.26.2.x86_64",
"product": {
"name": "docker-kubic-test-19.03.1_ce-6.26.2.x86_64",
"product_id": "docker-kubic-test-19.03.1_ce-6.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-6.26.2.x86_64",
"product": {
"name": "docker-test-19.03.1_ce-6.26.2.x86_64",
"product_id": "docker-test-19.03.1_ce-6.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le"
},
"product_reference": "containerd-1.2.6-5.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x"
},
"product_reference": "containerd-1.2.6-5.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64"
},
"product_reference": "containerd-1.2.6-5.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le"
},
"product_reference": "docker-19.03.1_ce-6.26.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x"
},
"product_reference": "docker-19.03.1_ce-6.26.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64"
},
"product_reference": "docker-19.03.1_ce-6.26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-19.03.1_ce-6.26.2.noarch as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch"
},
"product_reference": "docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15",
"product_id": "SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64"
},
"product_reference": "containerd-1.2.6-5.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le"
},
"product_reference": "containerd-1.2.6-5.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x"
},
"product_reference": "containerd-1.2.6-5.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64"
},
"product_reference": "containerd-1.2.6-5.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64"
},
"product_reference": "docker-19.03.1_ce-6.26.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le"
},
"product_reference": "docker-19.03.1_ce-6.26.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x"
},
"product_reference": "docker-19.03.1_ce-6.26.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-6.26.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64"
},
"product_reference": "docker-19.03.1_ce-6.26.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-19.03.1_ce-6.26.2.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch"
},
"product_reference": "docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10892"
}
],
"notes": [
{
"category": "general",
"text": "The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host\u0027s hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10892",
"url": "https://www.suse.com/security/cve/CVE-2018-10892"
},
{
"category": "external",
"summary": "SUSE Bug 1100331 for CVE-2018-10892",
"url": "https://bugzilla.suse.com/1100331"
},
{
"category": "external",
"summary": "SUSE Bug 1100838 for CVE-2018-10892",
"url": "https://bugzilla.suse.com/1100838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2018-10892"
},
{
"cve": "CVE-2019-13509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13509"
}
],
"notes": [
{
"category": "general",
"text": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13509",
"url": "https://www.suse.com/security/cve/CVE-2019-13509"
},
{
"category": "external",
"summary": "SUSE Bug 1142160 for CVE-2019-13509",
"url": "https://bugzilla.suse.com/1142160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-13509"
},
{
"cve": "CVE-2019-14271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14271"
}
],
"notes": [
{
"category": "general",
"text": "In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14271",
"url": "https://www.suse.com/security/cve/CVE-2019-14271"
},
{
"category": "external",
"summary": "SUSE Bug 1143409 for CVE-2019-14271",
"url": "https://bugzilla.suse.com/1143409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:56:58Z",
"details": "important"
}
],
"title": "CVE-2019-14271"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:containerd-1.2.6-5.16.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-19.03.1_ce-6.26.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-bash-completion-19.03.1_ce-6.26.2.noarch",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.s390x",
"SUSE Linux Enterprise Module for Containers 15:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:56:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
}
]
}
SUSE-SU-2019:2119-1
Vulnerability from csaf_suse - Published: 2019-08-13 12:58 - Updated: 2019-08-13 12:58Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Description of the patch: This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker:
- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413).
golang-github-docker-libnetwork:
- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413).
Patchnames: SUSE-2019-2119,SUSE-OpenStack-Cloud-6-LTSS-2019-2119,SUSE-SLE-Module-Containers-12-2019-2119
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.3 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:\n\nDocker:\n\n- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413).\n\ngolang-github-docker-libnetwork:\n\n- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2119,SUSE-OpenStack-Cloud-6-LTSS-2019-2119,SUSE-SLE-Module-Containers-12-2019-2119",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2119-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2119-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192119-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2119-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-August/005814.html"
},
{
"category": "self",
"summary": "SUSE Bug 1100331",
"url": "https://bugzilla.suse.com/1100331"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1142160",
"url": "https://bugzilla.suse.com/1142160"
},
{
"category": "self",
"summary": "SUSE Bug 1142413",
"url": "https://bugzilla.suse.com/1142413"
},
{
"category": "self",
"summary": "SUSE Bug 1143409",
"url": "https://bugzilla.suse.com/1143409"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10892 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13509 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14271 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
}
],
"title": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork",
"tracking": {
"current_release_date": "2019-08-13T12:58:40Z",
"generator": {
"date": "2019-08-13T12:58:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2119-1",
"initial_release_date": "2019-08-13T12:58:40Z",
"revision_history": [
{
"date": "2019-08-13T12:58:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-16.23.1.aarch64",
"product": {
"name": "containerd-1.2.6-16.23.1.aarch64",
"product_id": "containerd-1.2.6-16.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-16.23.1.aarch64",
"product": {
"name": "containerd-ctr-1.2.6-16.23.1.aarch64",
"product_id": "containerd-ctr-1.2.6-16.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-16.23.1.aarch64",
"product": {
"name": "containerd-kubic-1.2.6-16.23.1.aarch64",
"product_id": "containerd-kubic-1.2.6-16.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-16.23.1.aarch64",
"product": {
"name": "containerd-kubic-ctr-1.2.6-16.23.1.aarch64",
"product_id": "containerd-kubic-ctr-1.2.6-16.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-98.46.1.aarch64",
"product": {
"name": "docker-19.03.1_ce-98.46.1.aarch64",
"product_id": "docker-19.03.1_ce-98.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-98.46.1.aarch64",
"product": {
"name": "docker-kubic-19.03.1_ce-98.46.1.aarch64",
"product_id": "docker-kubic-19.03.1_ce-98.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-98.46.1.aarch64",
"product": {
"name": "docker-kubic-test-19.03.1_ce-98.46.1.aarch64",
"product_id": "docker-kubic-test-19.03.1_ce-98.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-98.46.1.aarch64",
"product": {
"name": "docker-test-19.03.1_ce-98.46.1.aarch64",
"product_id": "docker-test-19.03.1_ce-98.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-16.23.1.i586",
"product": {
"name": "containerd-1.2.6-16.23.1.i586",
"product_id": "containerd-1.2.6-16.23.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-16.23.1.i586",
"product": {
"name": "containerd-ctr-1.2.6-16.23.1.i586",
"product_id": "containerd-ctr-1.2.6-16.23.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-16.23.1.i586",
"product": {
"name": "containerd-kubic-1.2.6-16.23.1.i586",
"product_id": "containerd-kubic-1.2.6-16.23.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-16.23.1.i586",
"product": {
"name": "containerd-kubic-ctr-1.2.6-16.23.1.i586",
"product_id": "containerd-kubic-ctr-1.2.6-16.23.1.i586"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-98.46.1.i586",
"product": {
"name": "docker-19.03.1_ce-98.46.1.i586",
"product_id": "docker-19.03.1_ce-98.46.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.i586"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-98.46.1.i586",
"product": {
"name": "docker-test-19.03.1_ce-98.46.1.i586",
"product_id": "docker-test-19.03.1_ce-98.46.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-19.03.1_ce-98.46.1.noarch",
"product": {
"name": "docker-bash-completion-19.03.1_ce-98.46.1.noarch",
"product_id": "docker-bash-completion-19.03.1_ce-98.46.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-19.03.1_ce-98.46.1.noarch",
"product": {
"name": "docker-kubic-bash-completion-19.03.1_ce-98.46.1.noarch",
"product_id": "docker-kubic-bash-completion-19.03.1_ce-98.46.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-19.03.1_ce-98.46.1.noarch",
"product": {
"name": "docker-kubic-zsh-completion-19.03.1_ce-98.46.1.noarch",
"product_id": "docker-kubic-zsh-completion-19.03.1_ce-98.46.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-19.03.1_ce-98.46.1.noarch",
"product": {
"name": "docker-zsh-completion-19.03.1_ce-98.46.1.noarch",
"product_id": "docker-zsh-completion-19.03.1_ce-98.46.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-16.23.1.ppc64le",
"product": {
"name": "containerd-1.2.6-16.23.1.ppc64le",
"product_id": "containerd-1.2.6-16.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-16.23.1.ppc64le",
"product": {
"name": "containerd-ctr-1.2.6-16.23.1.ppc64le",
"product_id": "containerd-ctr-1.2.6-16.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-16.23.1.ppc64le",
"product": {
"name": "containerd-kubic-1.2.6-16.23.1.ppc64le",
"product_id": "containerd-kubic-1.2.6-16.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-16.23.1.ppc64le",
"product": {
"name": "containerd-kubic-ctr-1.2.6-16.23.1.ppc64le",
"product_id": "containerd-kubic-ctr-1.2.6-16.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-98.46.1.ppc64le",
"product": {
"name": "docker-19.03.1_ce-98.46.1.ppc64le",
"product_id": "docker-19.03.1_ce-98.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-98.46.1.ppc64le",
"product": {
"name": "docker-kubic-19.03.1_ce-98.46.1.ppc64le",
"product_id": "docker-kubic-19.03.1_ce-98.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-98.46.1.ppc64le",
"product": {
"name": "docker-kubic-test-19.03.1_ce-98.46.1.ppc64le",
"product_id": "docker-kubic-test-19.03.1_ce-98.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-98.46.1.ppc64le",
"product": {
"name": "docker-test-19.03.1_ce-98.46.1.ppc64le",
"product_id": "docker-test-19.03.1_ce-98.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-16.23.1.s390x",
"product": {
"name": "containerd-1.2.6-16.23.1.s390x",
"product_id": "containerd-1.2.6-16.23.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-16.23.1.s390x",
"product": {
"name": "containerd-ctr-1.2.6-16.23.1.s390x",
"product_id": "containerd-ctr-1.2.6-16.23.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-16.23.1.s390x",
"product": {
"name": "containerd-kubic-1.2.6-16.23.1.s390x",
"product_id": "containerd-kubic-1.2.6-16.23.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-16.23.1.s390x",
"product": {
"name": "containerd-kubic-ctr-1.2.6-16.23.1.s390x",
"product_id": "containerd-kubic-ctr-1.2.6-16.23.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-98.46.1.s390x",
"product": {
"name": "docker-19.03.1_ce-98.46.1.s390x",
"product_id": "docker-19.03.1_ce-98.46.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-98.46.1.s390x",
"product": {
"name": "docker-kubic-19.03.1_ce-98.46.1.s390x",
"product_id": "docker-kubic-19.03.1_ce-98.46.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-98.46.1.s390x",
"product": {
"name": "docker-kubic-test-19.03.1_ce-98.46.1.s390x",
"product_id": "docker-kubic-test-19.03.1_ce-98.46.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-98.46.1.s390x",
"product": {
"name": "docker-test-19.03.1_ce-98.46.1.s390x",
"product_id": "docker-test-19.03.1_ce-98.46.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.2.6-16.23.1.x86_64",
"product": {
"name": "containerd-1.2.6-16.23.1.x86_64",
"product_id": "containerd-1.2.6-16.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.2.6-16.23.1.x86_64",
"product": {
"name": "containerd-ctr-1.2.6-16.23.1.x86_64",
"product_id": "containerd-ctr-1.2.6-16.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-1.2.6-16.23.1.x86_64",
"product": {
"name": "containerd-kubic-1.2.6-16.23.1.x86_64",
"product_id": "containerd-kubic-1.2.6-16.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-kubic-ctr-1.2.6-16.23.1.x86_64",
"product": {
"name": "containerd-kubic-ctr-1.2.6-16.23.1.x86_64",
"product_id": "containerd-kubic-ctr-1.2.6-16.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-19.03.1_ce-98.46.1.x86_64",
"product": {
"name": "docker-19.03.1_ce-98.46.1.x86_64",
"product_id": "docker-19.03.1_ce-98.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-19.03.1_ce-98.46.1.x86_64",
"product": {
"name": "docker-kubic-19.03.1_ce-98.46.1.x86_64",
"product_id": "docker-kubic-19.03.1_ce-98.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-19.03.1_ce-98.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-test-19.03.1_ce-98.46.1.x86_64",
"product": {
"name": "docker-kubic-test-19.03.1_ce-98.46.1.x86_64",
"product_id": "docker-kubic-test-19.03.1_ce-98.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product_id": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product": {
"name": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product_id": "docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"product": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"product_id": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"product": {
"name": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"product_id": "docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-test-19.03.1_ce-98.46.1.x86_64",
"product": {
"name": "docker-test-19.03.1_ce-98.46.1.x86_64",
"product_id": "docker-test-19.03.1_ce-98.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product_id": "golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product": {
"name": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"product_id": "golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6-LTSS",
"product": {
"name": "SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-ltss:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 12",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-16.23.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64"
},
"product_reference": "containerd-1.2.6-16.23.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-98.46.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64"
},
"product_reference": "docker-19.03.1_ce-98.46.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS",
"product_id": "SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-16.23.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le"
},
"product_reference": "containerd-1.2.6-16.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-16.23.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x"
},
"product_reference": "containerd-1.2.6-16.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.2.6-16.23.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64"
},
"product_reference": "containerd-1.2.6-16.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-98.46.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le"
},
"product_reference": "docker-19.03.1_ce-98.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-98.46.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x"
},
"product_reference": "docker-19.03.1_ce-98.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-19.03.1_ce-98.46.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64"
},
"product_reference": "docker-19.03.1_ce-98.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64"
},
"product_reference": "docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
},
"product_reference": "docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10892"
}
],
"notes": [
{
"category": "general",
"text": "The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host\u0027s hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10892",
"url": "https://www.suse.com/security/cve/CVE-2018-10892"
},
{
"category": "external",
"summary": "SUSE Bug 1100331 for CVE-2018-10892",
"url": "https://bugzilla.suse.com/1100331"
},
{
"category": "external",
"summary": "SUSE Bug 1100838 for CVE-2018-10892",
"url": "https://bugzilla.suse.com/1100838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:58:40Z",
"details": "moderate"
}
],
"title": "CVE-2018-10892"
},
{
"cve": "CVE-2019-13509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13509"
}
],
"notes": [
{
"category": "general",
"text": "In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13509",
"url": "https://www.suse.com/security/cve/CVE-2019-13509"
},
{
"category": "external",
"summary": "SUSE Bug 1142160 for CVE-2019-13509",
"url": "https://bugzilla.suse.com/1142160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:58:40Z",
"details": "moderate"
}
],
"title": "CVE-2019-13509"
},
{
"cve": "CVE-2019-14271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14271"
}
],
"notes": [
{
"category": "general",
"text": "In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14271",
"url": "https://www.suse.com/security/cve/CVE-2019-14271"
},
{
"category": "external",
"summary": "SUSE Bug 1143409 for CVE-2019-14271",
"url": "https://bugzilla.suse.com/1143409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:58:40Z",
"details": "important"
}
],
"title": "CVE-2019-14271"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.2.6-16.23.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:containerd-1.2.6-16.23.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-19.03.1_ce-98.46.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25.1.x86_64",
"SUSE OpenStack Cloud 6-LTSS:docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-13T12:58:40Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
}
]
}
SUSE-SU-2021:1458-1
Vulnerability from csaf_suse - Published: 2021-04-30 10:58 - Updated: 2021-04-30 10:58Summary
Security update for containerd, docker, runc
Severity
Important
Notes
Title of the patch: Security update for containerd, docker, runc
Description of the patch: This update for containerd, docker, runc fixes the following issues:
- Docker was updated to 20.10.6-ce
* Switch version to use -ce suffix rather than _ce to avoid confusing other
tools (bsc#1182476).
* CVE-2021-21284: Fixed a potential privilege escalation when the root user in
the remapped namespace has access to the host filesystem (bsc#1181732)
* CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest
crashes the dockerd daemon (bsc#1181730).
- runc was updated to v1.0.0~rc93 (bsc#1182451 and bsc#1184962).
* Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).
* Fixed /dev/null is not available (bsc#1168481).
* Fixed an issue where podman hangs when spawned by salt-minion process (bsc#1149954).
* CVE-2019-19921: Fixed a race condition with shared mounts (bsc#1160452).
* CVE-2019-16884: Fixed an LSM bypass via malicious Docker image that mount
over a /proc directory (bsc#1152308).
* CVE-2019-5736: Fixed potential write attacks to the host runc binary (bsc#1121967).
* Fixed an issue where after a kernel-update docker doesn't run (bsc#1131314 bsc#1131553)
* Ensure that we always include the version information in runc (bsc#1053532).
- Switch to Go 1.13 for build.
* CVE-2018-16873: Fixed a potential remote code execution (bsc#1118897).
* CVE-2018-16874: Fixed a directory traversal in 'go get' via curly braces
in import paths (bsc#1118898).
* CVE-2018-16875: Fixed a CPU denial of service (bsc#1118899).
* Fixed an issue with building containers (bsc#1095817).
- containerd was updated to v1.4.4
* CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397).
* Handle a requirement from docker (bsc#1181594).
* Install the containerd-shim* binaries and stop creating (bsc#1183024).
* update version to the one required by docker (bsc#1034053)
- Use -buildmode=pie for tests and binary build (bsc#1048046, bsc#1051429)
- Cleanup seccomp builds similar (bsc#1028638).
- Update to handle the docker-runc removal, and drop the -kubic flavour (bsc#1181677, bsc#1181749)
Patchnames: SUSE-2021-1458,SUSE-SLE-Module-Containers-12-2021-1458
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.3 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
73 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd, docker, runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd, docker, runc fixes the following issues:\n\n- Docker was updated to 20.10.6-ce\n * Switch version to use -ce suffix rather than _ce to avoid confusing other\n tools (bsc#1182476).\n * CVE-2021-21284: Fixed a potential privilege escalation when the root user in \n the remapped namespace has access to the host filesystem (bsc#1181732)\n * CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest \n crashes the dockerd daemon (bsc#1181730). \n\n- runc was updated to v1.0.0~rc93 (bsc#1182451 and bsc#1184962).\n * Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).\n * Fixed /dev/null is not available (bsc#1168481).\n * Fixed an issue where podman hangs when spawned by salt-minion process (bsc#1149954).\n * CVE-2019-19921: Fixed a race condition with shared mounts (bsc#1160452).\n * CVE-2019-16884: Fixed an LSM bypass via malicious Docker image that mount \n over a /proc directory (bsc#1152308).\n * CVE-2019-5736: Fixed potential write attacks to the host runc binary (bsc#1121967).\n * Fixed an issue where after a kernel-update docker doesn\u0027t run (bsc#1131314 bsc#1131553)\n * Ensure that we always include the version information in runc (bsc#1053532).\n \n- Switch to Go 1.13 for build.\n * CVE-2018-16873: Fixed a potential remote code execution (bsc#1118897).\n * CVE-2018-16874: Fixed a directory traversal in \u0027go get\u0027 via curly braces \n in import paths (bsc#1118898).\n * CVE-2018-16875: Fixed a CPU denial of service (bsc#1118899).\n * Fixed an issue with building containers (bsc#1095817).\n\n- containerd was updated to v1.4.4\n * CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397).\n * Handle a requirement from docker (bsc#1181594).\n * Install the containerd-shim* binaries and stop creating (bsc#1183024).\n * update version to the one required by docker (bsc#1034053)\n\n- Use -buildmode=pie for tests and binary build (bsc#1048046, bsc#1051429)\n- Cleanup seccomp builds similar (bsc#1028638).\n- Update to handle the docker-runc removal, and drop the -kubic flavour (bsc#1181677, bsc#1181749)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1458,SUSE-SLE-Module-Containers-12-2021-1458",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1458-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1458-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211458-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1458-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008717.html"
},
{
"category": "self",
"summary": "SUSE Bug 1028638",
"url": "https://bugzilla.suse.com/1028638"
},
{
"category": "self",
"summary": "SUSE Bug 1034053",
"url": "https://bugzilla.suse.com/1034053"
},
{
"category": "self",
"summary": "SUSE Bug 1048046",
"url": "https://bugzilla.suse.com/1048046"
},
{
"category": "self",
"summary": "SUSE Bug 1051429",
"url": "https://bugzilla.suse.com/1051429"
},
{
"category": "self",
"summary": "SUSE Bug 1053532",
"url": "https://bugzilla.suse.com/1053532"
},
{
"category": "self",
"summary": "SUSE Bug 1095817",
"url": "https://bugzilla.suse.com/1095817"
},
{
"category": "self",
"summary": "SUSE Bug 1118897",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "self",
"summary": "SUSE Bug 1118898",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "self",
"summary": "SUSE Bug 1118899",
"url": "https://bugzilla.suse.com/1118899"
},
{
"category": "self",
"summary": "SUSE Bug 1121967",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "self",
"summary": "SUSE Bug 1131314",
"url": "https://bugzilla.suse.com/1131314"
},
{
"category": "self",
"summary": "SUSE Bug 1131553",
"url": "https://bugzilla.suse.com/1131553"
},
{
"category": "self",
"summary": "SUSE Bug 1149954",
"url": "https://bugzilla.suse.com/1149954"
},
{
"category": "self",
"summary": "SUSE Bug 1152308",
"url": "https://bugzilla.suse.com/1152308"
},
{
"category": "self",
"summary": "SUSE Bug 1160452",
"url": "https://bugzilla.suse.com/1160452"
},
{
"category": "self",
"summary": "SUSE Bug 1168481",
"url": "https://bugzilla.suse.com/1168481"
},
{
"category": "self",
"summary": "SUSE Bug 1175081",
"url": "https://bugzilla.suse.com/1175081"
},
{
"category": "self",
"summary": "SUSE Bug 1175821",
"url": "https://bugzilla.suse.com/1175821"
},
{
"category": "self",
"summary": "SUSE Bug 1181594",
"url": "https://bugzilla.suse.com/1181594"
},
{
"category": "self",
"summary": "SUSE Bug 1181641",
"url": "https://bugzilla.suse.com/1181641"
},
{
"category": "self",
"summary": "SUSE Bug 1181677",
"url": "https://bugzilla.suse.com/1181677"
},
{
"category": "self",
"summary": "SUSE Bug 1181730",
"url": "https://bugzilla.suse.com/1181730"
},
{
"category": "self",
"summary": "SUSE Bug 1181732",
"url": "https://bugzilla.suse.com/1181732"
},
{
"category": "self",
"summary": "SUSE Bug 1181749",
"url": "https://bugzilla.suse.com/1181749"
},
{
"category": "self",
"summary": "SUSE Bug 1182451",
"url": "https://bugzilla.suse.com/1182451"
},
{
"category": "self",
"summary": "SUSE Bug 1182476",
"url": "https://bugzilla.suse.com/1182476"
},
{
"category": "self",
"summary": "SUSE Bug 1182947",
"url": "https://bugzilla.suse.com/1182947"
},
{
"category": "self",
"summary": "SUSE Bug 1183024",
"url": "https://bugzilla.suse.com/1183024"
},
{
"category": "self",
"summary": "SUSE Bug 1183397",
"url": "https://bugzilla.suse.com/1183397"
},
{
"category": "self",
"summary": "SUSE Bug 1183855",
"url": "https://bugzilla.suse.com/1183855"
},
{
"category": "self",
"summary": "SUSE Bug 1184768",
"url": "https://bugzilla.suse.com/1184768"
},
{
"category": "self",
"summary": "SUSE Bug 1184962",
"url": "https://bugzilla.suse.com/1184962"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19921 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5736 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21284 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21285 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21334 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21334/"
}
],
"title": "Security update for containerd, docker, runc",
"tracking": {
"current_release_date": "2021-04-30T10:58:51Z",
"generator": {
"date": "2021-04-30T10:58:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1458-1",
"initial_release_date": "2021-04-30T10:58:51Z",
"revision_history": [
{
"date": "2021-04-30T10:58:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.4.4-16.38.1.aarch64",
"product": {
"name": "containerd-1.4.4-16.38.1.aarch64",
"product_id": "containerd-1.4.4-16.38.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.4.4-16.38.1.aarch64",
"product": {
"name": "containerd-ctr-1.4.4-16.38.1.aarch64",
"product_id": "containerd-ctr-1.4.4-16.38.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-20.10.6_ce-98.66.1.aarch64",
"product": {
"name": "docker-20.10.6_ce-98.66.1.aarch64",
"product_id": "docker-20.10.6_ce-98.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-20.10.6_ce-98.66.1.aarch64",
"product": {
"name": "docker-kubic-20.10.6_ce-98.66.1.aarch64",
"product_id": "docker-kubic-20.10.6_ce-98.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.aarch64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.aarch64",
"product_id": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc93-16.8.1.aarch64",
"product": {
"name": "runc-1.0.0~rc93-16.8.1.aarch64",
"product_id": "runc-1.0.0~rc93-16.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.4.4-16.38.1.i586",
"product": {
"name": "containerd-1.4.4-16.38.1.i586",
"product_id": "containerd-1.4.4-16.38.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.4.4-16.38.1.i586",
"product": {
"name": "containerd-ctr-1.4.4-16.38.1.i586",
"product_id": "containerd-ctr-1.4.4-16.38.1.i586"
}
},
{
"category": "product_version",
"name": "docker-20.10.6_ce-98.66.1.i586",
"product": {
"name": "docker-20.10.6_ce-98.66.1.i586",
"product_id": "docker-20.10.6_ce-98.66.1.i586"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc93-16.8.1.i586",
"product": {
"name": "runc-1.0.0~rc93-16.8.1.i586",
"product_id": "runc-1.0.0~rc93-16.8.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-bash-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-bash-completion-20.10.6_ce-98.66.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-fish-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-fish-completion-20.10.6_ce-98.66.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-bash-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-kubic-bash-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-kubic-bash-completion-20.10.6_ce-98.66.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-fish-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-kubic-fish-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-kubic-fish-completion-20.10.6_ce-98.66.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-kubic-zsh-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-kubic-zsh-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-kubic-zsh-completion-20.10.6_ce-98.66.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-20.10.6_ce-98.66.1.noarch",
"product": {
"name": "docker-zsh-completion-20.10.6_ce-98.66.1.noarch",
"product_id": "docker-zsh-completion-20.10.6_ce-98.66.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.4.4-16.38.1.ppc64le",
"product": {
"name": "containerd-1.4.4-16.38.1.ppc64le",
"product_id": "containerd-1.4.4-16.38.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.4.4-16.38.1.ppc64le",
"product": {
"name": "containerd-ctr-1.4.4-16.38.1.ppc64le",
"product_id": "containerd-ctr-1.4.4-16.38.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-20.10.6_ce-98.66.1.ppc64le",
"product": {
"name": "docker-20.10.6_ce-98.66.1.ppc64le",
"product_id": "docker-20.10.6_ce-98.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-20.10.6_ce-98.66.1.ppc64le",
"product": {
"name": "docker-kubic-20.10.6_ce-98.66.1.ppc64le",
"product_id": "docker-kubic-20.10.6_ce-98.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.ppc64le",
"product": {
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.ppc64le",
"product_id": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc93-16.8.1.ppc64le",
"product": {
"name": "runc-1.0.0~rc93-16.8.1.ppc64le",
"product_id": "runc-1.0.0~rc93-16.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.4.4-16.38.1.s390x",
"product": {
"name": "containerd-1.4.4-16.38.1.s390x",
"product_id": "containerd-1.4.4-16.38.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.4.4-16.38.1.s390x",
"product": {
"name": "containerd-ctr-1.4.4-16.38.1.s390x",
"product_id": "containerd-ctr-1.4.4-16.38.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-20.10.6_ce-98.66.1.s390x",
"product": {
"name": "docker-20.10.6_ce-98.66.1.s390x",
"product_id": "docker-20.10.6_ce-98.66.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-20.10.6_ce-98.66.1.s390x",
"product": {
"name": "docker-kubic-20.10.6_ce-98.66.1.s390x",
"product_id": "docker-kubic-20.10.6_ce-98.66.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.s390x",
"product": {
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.s390x",
"product_id": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.s390x"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc93-16.8.1.s390x",
"product": {
"name": "runc-1.0.0~rc93-16.8.1.s390x",
"product_id": "runc-1.0.0~rc93-16.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.4.4-16.38.1.x86_64",
"product": {
"name": "containerd-1.4.4-16.38.1.x86_64",
"product_id": "containerd-1.4.4-16.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.4.4-16.38.1.x86_64",
"product": {
"name": "containerd-ctr-1.4.4-16.38.1.x86_64",
"product_id": "containerd-ctr-1.4.4-16.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-20.10.6_ce-98.66.1.x86_64",
"product": {
"name": "docker-20.10.6_ce-98.66.1.x86_64",
"product_id": "docker-20.10.6_ce-98.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-20.10.6_ce-98.66.1.x86_64",
"product": {
"name": "docker-kubic-20.10.6_ce-98.66.1.x86_64",
"product_id": "docker-kubic-20.10.6_ce-98.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.x86_64",
"product": {
"name": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.x86_64",
"product_id": "docker-kubic-kubeadm-criconfig-20.10.6_ce-98.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "runc-1.0.0~rc93-16.8.1.x86_64",
"product": {
"name": "runc-1.0.0~rc93-16.8.1.x86_64",
"product_id": "runc-1.0.0~rc93-16.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 12",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.4.4-16.38.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le"
},
"product_reference": "containerd-1.4.4-16.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.4.4-16.38.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x"
},
"product_reference": "containerd-1.4.4-16.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.4.4-16.38.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64"
},
"product_reference": "containerd-1.4.4-16.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-20.10.6_ce-98.66.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le"
},
"product_reference": "docker-20.10.6_ce-98.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-20.10.6_ce-98.66.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x"
},
"product_reference": "docker-20.10.6_ce-98.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-20.10.6_ce-98.66.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64"
},
"product_reference": "docker-20.10.6_ce-98.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.0.0~rc93-16.8.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le"
},
"product_reference": "runc-1.0.0~rc93-16.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.0.0~rc93-16.8.1.s390x as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x"
},
"product_reference": "runc-1.0.0~rc93-16.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.0.0~rc93-16.8.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 12",
"product_id": "SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
},
"product_reference": "runc-1.0.0~rc93-16.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2019-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16884"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16884",
"url": "https://www.suse.com/security/cve/CVE-2019-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1152308 for CVE-2019-16884",
"url": "https://bugzilla.suse.com/1152308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-16884"
},
{
"cve": "CVE-2019-19921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19921"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19921",
"url": "https://www.suse.com/security/cve/CVE-2019-19921"
},
{
"category": "external",
"summary": "SUSE Bug 1160452 for CVE-2019-19921",
"url": "https://bugzilla.suse.com/1160452"
},
{
"category": "external",
"summary": "SUSE Bug 1208962 for CVE-2019-19921",
"url": "https://bugzilla.suse.com/1208962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "important"
}
],
"title": "CVE-2019-19921"
},
{
"cve": "CVE-2019-5736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5736"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5736",
"url": "https://www.suse.com/security/cve/CVE-2019-5736"
},
{
"category": "external",
"summary": "SUSE Bug 1121967 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1121967"
},
{
"category": "external",
"summary": "SUSE Bug 1122185 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1122185"
},
{
"category": "external",
"summary": "SUSE Bug 1173421 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1173421"
},
{
"category": "external",
"summary": "SUSE Bug 1218894 for CVE-2019-5736",
"url": "https://bugzilla.suse.com/1218894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-5736"
},
{
"cve": "CVE-2021-21284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21284"
}
],
"notes": [
{
"category": "general",
"text": "In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using \"--userns-remap\", if the root user in the remapped namespace has access to the host filesystem they can modify files under \"/var/lib/docker/\u003cremapping\u003e\" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21284",
"url": "https://www.suse.com/security/cve/CVE-2021-21284"
},
{
"category": "external",
"summary": "SUSE Bug 1181732 for CVE-2021-21284",
"url": "https://bugzilla.suse.com/1181732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "low"
}
],
"title": "CVE-2021-21284"
},
{
"cve": "CVE-2021-21285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21285"
}
],
"notes": [
{
"category": "general",
"text": "In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21285",
"url": "https://www.suse.com/security/cve/CVE-2021-21285"
},
{
"category": "external",
"summary": "SUSE Bug 1181730 for CVE-2021-21285",
"url": "https://bugzilla.suse.com/1181730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-21285"
},
{
"cve": "CVE-2021-21334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21334"
}
],
"notes": [
{
"category": "general",
"text": "In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd\u0027s CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared. If you are not using containerd\u0027s CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue. If you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue. If you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue This vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4. Users should update to these versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21334",
"url": "https://www.suse.com/security/cve/CVE-2021-21334"
},
{
"category": "external",
"summary": "SUSE Bug 1183397 for CVE-2021-21334",
"url": "https://bugzilla.suse.com/1183397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:containerd-1.4.4-16.38.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:docker-20.10.6_ce-98.66.1.x86_64",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.s390x",
"SUSE Linux Enterprise Module for Containers 12:runc-1.0.0~rc93-16.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-30T10:58:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-21334"
}
]
}
tid-207
Vulnerability from emb3d
Type
Description
Container environments, such as Docker and Kubernetes, share the same underlying kernel as the host operating system. Malicious code that succeeds in executing within a container may attempt to exploit any vulnerabilities present in exposed OS system calls, container management system functions, excessive permissions in shared resources, or other misconfigurations in the environment. One or more of these can be sufficient for a threat actor to escape the container into the underlying host and then begin manipulating the host OS or the applications and data within other containers resident on the device.
CWE
- CWE-693: Protection Mechanisms Failure (Pillar)
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…