Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-11218 (GCVE-0-2024-11218)
Vulnerability from cvelistv5 – Published: 2025-01-22 04:55 – Updated: 2026-04-29 07:53
VLAI
EPSS
Title
Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile
Summary
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
32 references
Impacted products
34 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 1.33.12
(semver)
Affected: 1.35.0 , < 1.35.5 (semver) Affected: 1.37.0 , < 1.37.6 (semver) Affected: 1.38.0 , < 1.38.1 (semver) |
|||
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8100020250124120243.afee755d , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support |
Unaffected:
8060020250203202123.3b538bd8 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
8060020250203202123.3b538bd8 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
8060020250203202123.3b538bd8 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support |
Unaffected:
8080020250207173112.0f77c1b7 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
4:5.2.2-13.el9_5 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
2:1.37.6-1.el9_5 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
2:4.2.0-6.el9_0 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
1:1.26.9-1.el9_0 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
1:1.29.5-1.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
2:4.4.1-22.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support |
Unaffected:
2:1.33.12-2.el9_4 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support |
Unaffected:
4:4.9.4-17.el9_4 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
412.86.202503052321-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
3:4.2.0-13.rhaos4.12.el9 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
1:1.29.5-1.rhaos4.13.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
3:4.4.1-16.rhaos4.13.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
413.92.202503112237-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
3:4.4.1-22.rhaos4.14.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
1:1.29.5-1.rhaos4.14.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
414.92.202503100617-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
3:4.4.1-33.rhaos4.15.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
1:1.29.5-1.rhaos4.15.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
415.92.202503060749-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
4:4.9.4-13.rhaos4.16.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9 cpe:/a:redhat:openshift_ironic:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
2:1.33.12-1.rhaos4.16.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
416.94.202502180249-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
5:5.2.2-2.rhaos4.17.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
2:1.33.12-1.rhaos4.17.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
417.94.202504080421-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
2:1.33.12-1.rhaos4.18.el9 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el8 cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
418.94.202504021150-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
Date Public
2025-01-20 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11218",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T14:11:18.056703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T17:08:25.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/containers/buildah",
"defaultStatus": "unaffected",
"packageName": "buildah",
"versions": [
{
"lessThan": "1.33.12",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.35.5",
"status": "affected",
"version": "1.35.0",
"versionType": "semver"
},
{
"lessThan": "1.37.6",
"status": "affected",
"version": "1.37.0",
"versionType": "semver"
},
{
"lessThan": "1.38.1",
"status": "affected",
"version": "1.38.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020250124120243.afee755d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250203202123.3b538bd8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250203202123.3b538bd8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250203202123.3b538bd8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020250207173112.0f77c1b7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4:5.2.2-13.el9_5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.37.6-1.el9_5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:4.2.0-6.el9_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.26.9-1.el9_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:4.4.1-22.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-2.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4:4.9.4-17.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "412.86.202503052321-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.2.0-13.rhaos4.12.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.rhaos4.13.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-16.rhaos4.13.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "413.92.202503112237-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-22.rhaos4.14.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.rhaos4.14.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202503100617-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.rhaos4.14.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-33.rhaos4.15.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.rhaos4.15.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "415.92.202503060749-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.5-1.rhaos4.15.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el8",
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift_ironic:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4:4.9.4-13.rhaos4.16.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el8",
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-1.rhaos4.16.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202502180249-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el8",
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-1.rhaos4.16.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "5:5.2.2-2.rhaos4.17.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-1.rhaos4.17.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-1.rhaos4.17.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "417.94.202504080421-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el8",
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.33.12-1.rhaos4.18.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "418.94.202504021150-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
}
],
"datePublic": "2025-01-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T07:53:03.366Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:0830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:0830"
},
{
"name": "RHSA-2025:0878",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:0878"
},
{
"name": "RHSA-2025:0922",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:0922"
},
{
"name": "RHSA-2025:0923",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:0923"
},
{
"name": "RHSA-2025:1186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1186"
},
{
"name": "RHSA-2025:1187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1187"
},
{
"name": "RHSA-2025:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1188"
},
{
"name": "RHSA-2025:1189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1189"
},
{
"name": "RHSA-2025:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1207"
},
{
"name": "RHSA-2025:1275",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1275"
},
{
"name": "RHSA-2025:1295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1295"
},
{
"name": "RHSA-2025:1296",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1296"
},
{
"name": "RHSA-2025:1372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1372"
},
{
"name": "RHSA-2025:1453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1453"
},
{
"name": "RHSA-2025:1707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1707"
},
{
"name": "RHSA-2025:1713",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1713"
},
{
"name": "RHSA-2025:1908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1908"
},
{
"name": "RHSA-2025:1910",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1910"
},
{
"name": "RHSA-2025:1914",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1914"
},
{
"name": "RHSA-2025:2441",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2441"
},
{
"name": "RHSA-2025:2443",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2443"
},
{
"name": "RHSA-2025:2454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2454"
},
{
"name": "RHSA-2025:2456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2456"
},
{
"name": "RHSA-2025:2701",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2701"
},
{
"name": "RHSA-2025:2703",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2703"
},
{
"name": "RHSA-2025:2710",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2710"
},
{
"name": "RHSA-2025:2712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:2712"
},
{
"name": "RHSA-2025:3577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:3577"
},
{
"name": "RHSA-2025:3798",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:3798"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-11218"
},
{
"name": "RHBZ#2326231",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326231"
},
{
"url": "https://github.com/containers/buildah/pull/5918"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-14T13:05:29.849Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-01-20T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile",
"workarounds": [
{
"lang": "en",
"value": "Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.\n\nSELinux enforces strict access controls by confining the build process (e.g., Podman) to specific domains like container_t. This prevents unauthorized access to sensitive host files and directories, even if a malicious Containerfile tries to exploit the --mount flag."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-269: Improper Privilege Management"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-11218",
"datePublished": "2025-01-22T04:55:30.649Z",
"dateReserved": "2024-11-14T13:11:49.476Z",
"dateUpdated": "2026-04-29T07:53:03.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-11218",
"date": "2026-06-05",
"epss": "0.00167",
"percentile": "0.37575"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-11218\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-01-22T05:15:08.903\",\"lastModified\":\"2025-10-02T00:15:28.633\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en `podman build` y `buildah`. Este problema ocurre en una ruptura de contenedor mediante el uso de --jobs=2 y una condici\u00f3n ejecuci\u00f3n al crear un Containerfile malicioso. SELinux podr\u00eda mitigarlo, pero incluso con SELinux activado, a\u00fan permite la enumeraci\u00f3n de archivos y directorios en el host.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:0830\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:0878\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:0922\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:0923\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1186\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1187\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1188\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1189\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1207\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1275\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1295\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1296\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1372\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1453\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1707\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1713\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1908\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1910\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1914\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2441\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2443\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2454\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2456\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2701\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2703\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2710\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:2712\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:3577\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:3798\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-11218\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2326231\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/containers/buildah/pull/5918\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-11218\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-22T14:11:18.056703Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T17:08:18.179Z\"}}], \"cna\": {\"title\": \"Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.33.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.35.0\", \"lessThan\": \"1.35.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.37.0\", \"lessThan\": \"1.37.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.38.0\", \"lessThan\": \"1.38.1\", \"versionType\": \"semver\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://github.com/containers/buildah\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8100020250124120243.afee755d\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-tools:rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020250203202123.3b538bd8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-tools:rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020250203202123.3b538bd8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-tools:rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020250203202123.3b538bd8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-tools:rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020250207173112.0f77c1b7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-tools:rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4:5.2.2-13.el9_5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.37.6-1.el9_5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:4.2.0-6.el9_0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.26.9-1.el9_0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.el9_2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:4.4.1-22.el9_2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-2.el9_4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4:4.9.4-17.el9_4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.12::el8\", \"cpe:/a:redhat:openshift:4.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.12\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"412.86.202503052321-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.12::el8\", \"cpe:/a:redhat:openshift:4.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.12\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3:4.2.0-13.rhaos4.12.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el8\", \"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.rhaos4.13.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el8\", \"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3:4.4.1-16.rhaos4.13.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el8\", \"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"413.92.202503112237-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3:4.4.1-22.rhaos4.14.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.rhaos4.14.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"414.92.202503100617-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.rhaos4.14.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3:4.4.1-33.rhaos4.15.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.rhaos4.15.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"415.92.202503060749-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:1.29.5-1.rhaos4.15.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el8\", \"cpe:/a:redhat:openshift:4.16::el9\", \"cpe:/a:redhat:openshift_ironic:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4:4.9.4-13.rhaos4.16.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el8\", \"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-1.rhaos4.16.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"416.94.202502180249-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el8\", \"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-1.rhaos4.16.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el8\", \"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"5:5.2.2-2.rhaos4.17.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el8\", \"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-1.rhaos4.17.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el8\", \"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-1.rhaos4.17.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"417.94.202504080421-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el8\", \"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2:1.33.12-1.rhaos4.18.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"418.94.202504021150-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-14T13:05:29.849Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-01-20T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-01-20T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:0830\", \"name\": \"RHSA-2025:0830\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:0878\", \"name\": \"RHSA-2025:0878\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:0922\", \"name\": \"RHSA-2025:0922\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:0923\", \"name\": \"RHSA-2025:0923\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1186\", \"name\": \"RHSA-2025:1186\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1187\", \"name\": \"RHSA-2025:1187\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1188\", \"name\": \"RHSA-2025:1188\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1189\", \"name\": \"RHSA-2025:1189\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1207\", \"name\": \"RHSA-2025:1207\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1275\", \"name\": \"RHSA-2025:1275\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1295\", \"name\": \"RHSA-2025:1295\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1296\", \"name\": \"RHSA-2025:1296\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1372\", \"name\": \"RHSA-2025:1372\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1453\", \"name\": \"RHSA-2025:1453\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1707\", \"name\": \"RHSA-2025:1707\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1713\", \"name\": \"RHSA-2025:1713\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1908\", \"name\": \"RHSA-2025:1908\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1910\", \"name\": \"RHSA-2025:1910\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1914\", \"name\": \"RHSA-2025:1914\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2441\", \"name\": \"RHSA-2025:2441\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2443\", \"name\": \"RHSA-2025:2443\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2454\", \"name\": \"RHSA-2025:2454\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2456\", \"name\": \"RHSA-2025:2456\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2701\", \"name\": \"RHSA-2025:2701\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2703\", \"name\": \"RHSA-2025:2703\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2710\", \"name\": \"RHSA-2025:2710\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:2712\", \"name\": \"RHSA-2025:2712\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:3577\", \"name\": \"RHSA-2025:3577\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:3798\", \"name\": \"RHSA-2025:3798\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-11218\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2326231\", \"name\": \"RHBZ#2326231\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://github.com/containers/buildah/pull/5918\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.\\n\\nSELinux enforces strict access controls by confining the build process (e.g., Podman) to specific domains like container_t. This prevents unauthorized access to sensitive host files and directories, even if a malicious Containerfile tries to exploit the --mount flag.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-04-29T07:53:03.366Z\"}, \"x_redhatCweChain\": \"CWE-269: Improper Privilege Management\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-11218\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-29T07:53:03.366Z\", \"dateReserved\": \"2024-11-14T13:11:49.476Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-01-22T04:55:30.649Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2025:0267-1
Vulnerability from csaf_suse - Published: 2025-01-28 11:25 - Updated: 2025-01-28 11:25Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch:
This update for podman fixes the following issues:
- CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698)
- Load ip_tables and ip6_tables kernel module (bsc#1214612)
* Required for rootless mode as a regular user has no permission
to load kernel modules
- CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499)
- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208)
- CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
- CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)
- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)
- Refactor network backend dependencies:
* podman requires either netavark or cni-plugins. On ALP, require
netavark, otherwise prefer netavark but don't force it.
* This fixes missing cni-plugins in some scenarios
* Default to netavark everywhere where it's available
Patchnames: SUSE-2025-267,SUSE-SLE-Micro-5.3-2025-267,SUSE-SLE-Micro-5.4-2025-267,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-267,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-267,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-267,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-267
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for podman fixes the following issues:\n\n- CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698) \n\n- Load ip_tables and ip6_tables kernel module (bsc#1214612)\n * Required for rootless mode as a regular user has no permission\n to load kernel modules\n\n- CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499)\n- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208)\n- CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)\n- CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)\n- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)\n\n- Refactor network backend dependencies:\n * podman requires either netavark or cni-plugins. On ALP, require\n netavark, otherwise prefer netavark but don\u0027t force it.\n * This fixes missing cni-plugins in some scenarios\n * Default to netavark everywhere where it\u0027s available\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-267,SUSE-SLE-Micro-5.3-2025-267,SUSE-SLE-Micro-5.4-2025-267,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-267,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-267,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-267,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-267",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0267-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0267-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250267-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0267-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020225.html"
},
{
"category": "self",
"summary": "SUSE Bug 1214612",
"url": "https://bugzilla.suse.com/1214612"
},
{
"category": "self",
"summary": "SUSE Bug 1215807",
"url": "https://bugzilla.suse.com/1215807"
},
{
"category": "self",
"summary": "SUSE Bug 1215926",
"url": "https://bugzilla.suse.com/1215926"
},
{
"category": "self",
"summary": "SUSE Bug 1217828",
"url": "https://bugzilla.suse.com/1217828"
},
{
"category": "self",
"summary": "SUSE Bug 1221677",
"url": "https://bugzilla.suse.com/1221677"
},
{
"category": "self",
"summary": "SUSE Bug 1231208",
"url": "https://bugzilla.suse.com/1231208"
},
{
"category": "self",
"summary": "SUSE Bug 1231230",
"url": "https://bugzilla.suse.com/1231230"
},
{
"category": "self",
"summary": "SUSE Bug 1231499",
"url": "https://bugzilla.suse.com/1231499"
},
{
"category": "self",
"summary": "SUSE Bug 1231698",
"url": "https://bugzilla.suse.com/1231698"
},
{
"category": "self",
"summary": "SUSE Bug 1236270",
"url": "https://bugzilla.suse.com/1236270"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-1753 page",
"url": "https://www.suse.com/security/cve/CVE-2024-1753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9341 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9676 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9676/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-01-28T11:25:30Z",
"generator": {
"date": "2025-01-28T11:25:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0267-1",
"initial_release_date": "2025-01-28T11:25:30Z",
"revision_history": [
{
"date": "2025-01-28T11:25:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.35.1.aarch64",
"product": {
"name": "podman-4.9.5-150400.4.35.1.aarch64",
"product_id": "podman-4.9.5-150400.4.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"product_id": "podman-remote-4.9.5-150400.4.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.35.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150400.4.35.1.aarch64",
"product_id": "podmansh-4.9.5-150400.4.35.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.35.1.i586",
"product": {
"name": "podman-4.9.5-150400.4.35.1.i586",
"product_id": "podman-4.9.5-150400.4.35.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.35.1.i586",
"product": {
"name": "podman-remote-4.9.5-150400.4.35.1.i586",
"product_id": "podman-remote-4.9.5-150400.4.35.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.35.1.i586",
"product": {
"name": "podmansh-4.9.5-150400.4.35.1.i586",
"product_id": "podmansh-4.9.5-150400.4.35.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150400.4.35.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150400.4.35.1.noarch",
"product_id": "podman-docker-4.9.5-150400.4.35.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.35.1.ppc64le",
"product": {
"name": "podman-4.9.5-150400.4.35.1.ppc64le",
"product_id": "podman-4.9.5-150400.4.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.35.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150400.4.35.1.ppc64le",
"product_id": "podman-remote-4.9.5-150400.4.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.35.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150400.4.35.1.ppc64le",
"product_id": "podmansh-4.9.5-150400.4.35.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.35.1.s390x",
"product": {
"name": "podman-4.9.5-150400.4.35.1.s390x",
"product_id": "podman-4.9.5-150400.4.35.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.35.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150400.4.35.1.s390x",
"product_id": "podman-remote-4.9.5-150400.4.35.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.35.1.s390x",
"product": {
"name": "podmansh-4.9.5-150400.4.35.1.s390x",
"product_id": "podmansh-4.9.5-150400.4.35.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.35.1.x86_64",
"product": {
"name": "podman-4.9.5-150400.4.35.1.x86_64",
"product_id": "podman-4.9.5-150400.4.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"product_id": "podman-remote-4.9.5-150400.4.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.35.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150400.4.35.1.x86_64",
"product_id": "podmansh-4.9.5-150400.4.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.35.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.35.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le"
},
"product_reference": "podman-4.9.5-150400.4.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.35.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le"
},
"product_reference": "podman-4.9.5-150400.4.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.35.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-1753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-1753"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-1753",
"url": "https://www.suse.com/security/cve/CVE-2024-1753"
},
{
"category": "external",
"summary": "SUSE Bug 1221677 for CVE-2024-1753",
"url": "https://bugzilla.suse.com/1221677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "important"
}
],
"title": "CVE-2024-1753"
},
{
"cve": "CVE-2024-9341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9341"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9341",
"url": "https://www.suse.com/security/cve/CVE-2024-9341"
},
{
"category": "external",
"summary": "SUSE Bug 1231230 for CVE-2024-9341",
"url": "https://bugzilla.suse.com/1231230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-9341"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
},
{
"cve": "CVE-2024-9675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9675"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9675",
"url": "https://www.suse.com/security/cve/CVE-2024-9675"
},
{
"category": "external",
"summary": "SUSE Bug 1231499 for CVE-2024-9675",
"url": "https://bugzilla.suse.com/1231499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-9675"
},
{
"cve": "CVE-2024-9676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9676"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9676",
"url": "https://www.suse.com/security/cve/CVE-2024-9676"
},
{
"category": "external",
"summary": "SUSE Bug 1231698 for CVE-2024-9676",
"url": "https://bugzilla.suse.com/1231698"
},
{
"category": "external",
"summary": "SUSE Bug 1231785 for CVE-2024-9676",
"url": "https://bugzilla.suse.com/1231785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T11:25:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-9676"
}
]
}
SUSE-SU-2025:0297-1
Vulnerability from csaf_suse - Published: 2025-01-30 14:03 - Updated: 2025-01-30 14:03Summary
Security update for govulncheck-vulndb
Severity
Moderate
Notes
Title of the patch: Security update for govulncheck-vulndb
Description of the patch: This update for govulncheck-vulndb fixes the following issues:
- Update to version 0.0.20250128T150132 2025-01-28T15:01:32Z.
Refs jsc#PED-11136
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2025-3409 CVE-2025-23208 GHSA-c9p4-xwr9-rfhx
* GO-2025-3410 CVE-2025-24337 GHSA-3qc3-mx6x-267h
* GO-2025-3413 CVE-2025-0377 GHSA-wpfp-cm49-9m9q
* GO-2025-3414 CVE-2024-11218 GHSA-5vpc-35f4-r8w6
* GO-2025-3415 CVE-2025-23028 GHSA-9m5p-c77c-f9j7
* GO-2025-3416 CVE-2025-23047 GHSA-h78m-j95m-5356
* GO-2025-3418 CVE-2025-24030 GHSA-j777-63hf-hx76
* GO-2025-3419 CVE-2025-24355 GHSA-v34r-vj4r-38j6
* GO-2025-3422 CVE-2025-24354
- Update to version 0.0.20250128T004730 2025-01-28T00:47:30Z.
Refs jsc#PED-11136
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2025-3372 CVE-2024-45339
* GO-2025-3373 CVE-2024-45341
* GO-2025-3383 CVE-2024-45340
* GO-2025-3420 CVE-2024-45336
* GO-2025-3421 CVE-2025-22865
- Update to version 0.0.20250117T214834 2025-01-17T21:48:34Z.
Refs jsc#PED-11136
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2025-3392 CVE-2025-20086 GHSA-5m7j-6gc4-ff5g
* GO-2025-3393 CVE-2025-21088 GHSA-8j3q-gc9x-7972
* GO-2025-3394 CVE-2025-20088 GHSA-45v9-w9fh-33j6
* GO-2025-3396 CVE-2024-52594
* GO-2025-3397 CVE-2024-36402 GHSA-8vmr-h7h5-cqhg
* GO-2025-3398 CVE-2024-52791 GHSA-gp86-q8hg-fpxj
* GO-2025-3399 CVE-2024-52602 GHSA-r6jg-jfv6-2fjv
* GO-2025-3400 CVE-2024-56515 GHSA-rcxc-wjgw-579r
* GO-2025-3401 CVE-2024-36403 GHSA-vc2m-hw89-qjxf
* GO-2025-3407 CVE-2025-20621 GHSA-w6xh-c82w-h997
- Update to version 0.0.20250115T172141 2025-01-15T17:21:41Z.
Refs jsc#PED-11136
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2025-3381 CVE-2024-56138 GHSA-45v3-38pc-874v
* GO-2025-3382 CVE-2024-51491 GHSA-qjh3-4j3h-vmwp
* GO-2025-3384 CVE-2024-56323 GHSA-32q6-rr98-cjqv
* GO-2025-3390 CVE-2024-53263 GHSA-q6r2-x2cc-vrp7
* GO-2025-3391 CVE-2024-52281 GHSA-2v2w-8v8c-wcm9
- Update to version 0.0.20250109T194159 2025-01-09T19:41:59Z.
Refs jsc#PED-11136
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2025-3376 CVE-2025-22149 GHSA-675f-rq2r-jw82
* GO-2025-3377 CVE-2025-22449 GHSA-q8fg-cp3q-5jwm
* GO-2025-3379 CVE-2025-20033 GHSA-2549-xh72-qrpm
* GO-2025-3380 CVE-2025-22445 GHSA-7rgp-4j56-fm79
Patchnames: SUSE-2025-297,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-297,openSUSE-SLE-15.6-2025-297
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.7 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
4.2 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
81 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for govulncheck-vulndb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for govulncheck-vulndb fixes the following issues:\n\n- Update to version 0.0.20250128T150132 2025-01-28T15:01:32Z.\n Refs jsc#PED-11136\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2025-3409 CVE-2025-23208 GHSA-c9p4-xwr9-rfhx\n * GO-2025-3410 CVE-2025-24337 GHSA-3qc3-mx6x-267h\n * GO-2025-3413 CVE-2025-0377 GHSA-wpfp-cm49-9m9q\n * GO-2025-3414 CVE-2024-11218 GHSA-5vpc-35f4-r8w6\n * GO-2025-3415 CVE-2025-23028 GHSA-9m5p-c77c-f9j7\n * GO-2025-3416 CVE-2025-23047 GHSA-h78m-j95m-5356\n * GO-2025-3418 CVE-2025-24030 GHSA-j777-63hf-hx76\n * GO-2025-3419 CVE-2025-24355 GHSA-v34r-vj4r-38j6\n * GO-2025-3422 CVE-2025-24354\n\n- Update to version 0.0.20250128T004730 2025-01-28T00:47:30Z.\n Refs jsc#PED-11136\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2025-3372 CVE-2024-45339\n * GO-2025-3373 CVE-2024-45341\n * GO-2025-3383 CVE-2024-45340\n * GO-2025-3420 CVE-2024-45336\n * GO-2025-3421 CVE-2025-22865\n\n- Update to version 0.0.20250117T214834 2025-01-17T21:48:34Z.\n Refs jsc#PED-11136\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2025-3392 CVE-2025-20086 GHSA-5m7j-6gc4-ff5g\n * GO-2025-3393 CVE-2025-21088 GHSA-8j3q-gc9x-7972\n * GO-2025-3394 CVE-2025-20088 GHSA-45v9-w9fh-33j6\n * GO-2025-3396 CVE-2024-52594\n * GO-2025-3397 CVE-2024-36402 GHSA-8vmr-h7h5-cqhg\n * GO-2025-3398 CVE-2024-52791 GHSA-gp86-q8hg-fpxj\n * GO-2025-3399 CVE-2024-52602 GHSA-r6jg-jfv6-2fjv\n * GO-2025-3400 CVE-2024-56515 GHSA-rcxc-wjgw-579r\n * GO-2025-3401 CVE-2024-36403 GHSA-vc2m-hw89-qjxf\n * GO-2025-3407 CVE-2025-20621 GHSA-w6xh-c82w-h997\n\n- Update to version 0.0.20250115T172141 2025-01-15T17:21:41Z.\n Refs jsc#PED-11136\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2025-3381 CVE-2024-56138 GHSA-45v3-38pc-874v\n * GO-2025-3382 CVE-2024-51491 GHSA-qjh3-4j3h-vmwp\n * GO-2025-3384 CVE-2024-56323 GHSA-32q6-rr98-cjqv\n * GO-2025-3390 CVE-2024-53263 GHSA-q6r2-x2cc-vrp7\n * GO-2025-3391 CVE-2024-52281 GHSA-2v2w-8v8c-wcm9\n\n- Update to version 0.0.20250109T194159 2025-01-09T19:41:59Z.\n Refs jsc#PED-11136\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2025-3376 CVE-2025-22149 GHSA-675f-rq2r-jw82\n * GO-2025-3377 CVE-2025-22449 GHSA-q8fg-cp3q-5jwm\n * GO-2025-3379 CVE-2025-20033 GHSA-2549-xh72-qrpm\n * GO-2025-3380 CVE-2025-22445 GHSA-7rgp-4j56-fm79\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-297,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-297,openSUSE-SLE-15.6-2025-297",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0297-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0297-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250297-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0297-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020248.html"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36402 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36403 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45336 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45339 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45340 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45341 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-51491 page",
"url": "https://www.suse.com/security/cve/CVE-2024-51491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52281 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52594 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53263 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56138 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56323 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56515 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0377 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22449 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23028 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23047 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24337 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24354 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24355 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24355/"
}
],
"title": "Security update for govulncheck-vulndb",
"tracking": {
"current_release_date": "2025-01-30T14:03:37Z",
"generator": {
"date": "2025-01-30T14:03:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0297-1",
"initial_release_date": "2025-01-30T14:03:37Z",
"revision_history": [
{
"date": "2025-01-30T14:03:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"product": {
"name": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"product_id": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-36402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36402"
}
],
"notes": [
{
"category": "general",
"text": "Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticated way. The implication is that unauthenticated remote adversaries can use this functionality to plant problematic content into the media repository. MMR 1.3.5 introduces a partial mitigation in the form of new endpoints which require authentication for media downloads. The unauthenticated endpoints will be frozen in a future release, closing the attack vector. Though extremely limited, server operators can use more strict rate limits based on IP address as a partial workaround.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36402",
"url": "https://www.suse.com/security/cve/CVE-2024-36402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-36402"
},
{
"cve": "CVE-2024-36403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36403"
}
],
"notes": [
{
"category": "general",
"text": "Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR\u0027s typical operating environment uses S3-like storage as a backend, with file-backed store as an alternative option. Instances using a file-backed store or those which self-host an S3 storage system are therefore vulnerable to a disk fill attack. Once the disk is full, authenticated users will be unable to upload new media, resulting in denial of service. For instances configured to use a cloud-based S3 storage option, this could result in high service fees instead of a denial of service. MMR 1.3.5 introduces a new default-on \"leaky bucket\" rate limit to reduce the amount of data a user can request at a time. This does not fully address the issue, but does limit an unauthenticated user\u0027s ability to request large amounts of data. Operators should note that the leaky bucket implementation introduced in MMR 1.3.5 requires the IP address associated with the request to be forwarded, to avoid mistakenly applying the rate limit to the reverse proxy instead. To avoid this issue, the reverse proxy should populate the X-Forwarded-For header when sending the request to MMR. Operators who cannot update may wish to lower the maximum file size they allow and implement harsh rate limits, though this can still lead to a large amount of data to be downloaded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36403",
"url": "https://www.suse.com/security/cve/CVE-2024-36403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-36403"
},
{
"cve": "CVE-2024-45336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45336"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45336",
"url": "https://www.suse.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236045"
},
{
"category": "external",
"summary": "SUSE Bug 1236046 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-45336"
},
{
"cve": "CVE-2024-45339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45339"
}
],
"notes": [
{
"category": "general",
"text": "When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process\u0027s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45339",
"url": "https://www.suse.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "SUSE Bug 1236541 for CVE-2024-45339",
"url": "https://bugzilla.suse.com/1236541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2024-45339"
},
{
"cve": "CVE-2024-45340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45340"
}
],
"notes": [
{
"category": "general",
"text": "Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45340",
"url": "https://www.suse.com/security/cve/CVE-2024-45340"
},
{
"category": "external",
"summary": "SUSE Bug 1236360 for CVE-2024-45340",
"url": "https://bugzilla.suse.com/1236360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2024-45340"
},
{
"cve": "CVE-2024-45341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45341"
}
],
"notes": [
{
"category": "general",
"text": "A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45341",
"url": "https://www.suse.com/security/cve/CVE-2024-45341"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45341",
"url": "https://bugzilla.suse.com/1236045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-45341"
},
{
"cve": "CVE-2024-51491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-51491"
}
],
"notes": [
{
"category": "general",
"text": "notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab\u0027s security audit on the Certificate Revocation List (CRL) based revocation check feature.\nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-51491",
"url": "https://www.suse.com/security/cve/CVE-2024-51491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "low"
}
],
"title": "CVE-2024-51491"
},
{
"cve": "CVE-2024-52281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52281"
}
],
"notes": [
{
"category": "general",
"text": "A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field.\nThis issue affects rancher: from 2.9.0 before 2.9.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52281",
"url": "https://www.suse.com/security/cve/CVE-2024-52281"
},
{
"category": "external",
"summary": "SUSE Bug 1233339 for CVE-2024-52281",
"url": "https://bugzilla.suse.com/1233339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2024-52281"
},
{
"cve": "CVE-2024-52594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52594"
}
],
"notes": [
{
"category": "general",
"text": "Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit `c4f1e01` fixes this issue. Users are advised to upgrade. Users unable to upgrade should use a local firewall to limit the network segments and hosts the service using gomatrixserverlib can access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52594",
"url": "https://www.suse.com/security/cve/CVE-2024-52594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-52594"
},
{
"cve": "CVE-2024-52602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52602"
}
],
"notes": [
{
"category": "general",
"text": "Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. This is fixed in MMR v1.3.8. Users are advised to upgrade. Restricting which hosts MMR is allowed to contact via (local) firewall rules or a transparent proxy and may provide a workaround for users unable to upgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52602",
"url": "https://www.suse.com/security/cve/CVE-2024-52602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-52602"
},
{
"cve": "CVE-2024-52791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52791"
}
],
"notes": [
{
"category": "general",
"text": "Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR makes requests to other servers as part of normal operation, and these resource owners can return large amounts of JSON back to MMR for parsing. In parsing, MMR can consume large amounts of memory and exhaust available memory. This is fixed in MMR v1.3.8. Users are advised to upgrade. For users unable to upgrade; forward proxies can be configured to block requests to unsafe hosts. Alternatively, MMR processes can be configured with memory limits and auto-restart. Running multiple MMR processes concurrently can help ensure a restart does not overly impact users.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52791",
"url": "https://www.suse.com/security/cve/CVE-2024-52791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-52791"
},
{
"cve": "CVE-2024-53263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53263"
}
],
"notes": [
{
"category": "general",
"text": "Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host\u0027s URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user\u0027s Git credentials. This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. There are no workarounds known at this time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53263",
"url": "https://www.suse.com/security/cve/CVE-2024-53263"
},
{
"category": "external",
"summary": "SUSE Bug 1235876 for CVE-2024-53263",
"url": "https://bugzilla.suse.com/1235876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2024-53263"
},
{
"cve": "CVE-2024-56138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56138"
}
],
"notes": [
{
"category": "general",
"text": "notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab\u0027s audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificate(s) used to generate the timestamp signature was not verified. During timestamp signature generation, notation-go did not check the revocation status of the certificate chain used by the TSA. This oversight creates a vulnerability that could be exploited through a Man-in-The-Middle attack. An attacker could potentially use a compromised, intermediate, or revoked leaf certificate to generate a malicious countersignature, which would then be accepted and stored by `notation`. This could lead to denial of service scenarios, particularly in CI/CD environments during signature verification processes because timestamp signature would fail due to the presence of a revoked certificate(s) potentially disrupting operations. This issue has been addressed in release version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56138",
"url": "https://www.suse.com/security/cve/CVE-2024-56138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "low"
}
],
"title": "CVE-2024-56138"
},
{
"cve": "CVE-2024-56323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56323"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses [conditions](https://openfga.dev/docs/modeling/conditions), and 2. calling Check API or ListObjects API with [contextual tuples](https://openfga.dev/docs/concepts#what-are-contextual-tuples) that include conditions and 3. OpenFGA is configured with caching enabled (`OPENFGA_CHECK_QUERY_CACHE_ENABLED`). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56323",
"url": "https://www.suse.com/security/cve/CVE-2024-56323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-56323"
},
{
"cve": "CVE-2024-56515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56515"
}
],
"notes": [
{
"category": "general",
"text": "Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled (they are disabled by default), a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in ImageMagick. In some ImageMagick installations, this includes the capability to run Ghostscript to decode the image/file. If MP4 thumbnailers are enabled (also disabled by default), the same issue as above may occur with the ffmpeg installation instead. MMR uses a number of other decoders for all other file types when preparing thumbnails. Theoretical issues are possible with these decoders, however in testing they were not possible to exploit. This is fixed in MMR v1.3.8. MMR now inspects the mimetype of media prior to thumbnailing, and picks a thumbnailer based on those results instead of relying on user-supplied values. This may lead to fewer thumbnails when obscure file shapes are used. This also helps narrow scope of theoretical issues with all decoders MMR uses for thumbnails. Users are advised to upgrade. Users unable to upgrade may disable the SVG, JPEGXL, and MP4 thumbnail types in the MMR config which prevents the decoders from being invoked. Further disabling uncommon file types on the server is recommended to limit risk surface. Containers and other similar technologies may also be used to limit the impact of vulnerabilities in external decoders, like ImageMagick and ffmpeg. Some installations of ImageMagick may disable \"unsafe\" file types, like PDFs, already. This option can be replicated to other environments as needed. ffmpeg may be compiled with limited decoders/codecs. The Docker image for MMR disables PDFs and similar formats by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56515",
"url": "https://www.suse.com/security/cve/CVE-2024-56515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2024-56515"
},
{
"cve": "CVE-2025-0377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0377"
}
],
"notes": [
{
"category": "general",
"text": "HashiCorp\u0027s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0377",
"url": "https://www.suse.com/security/cve/CVE-2025-0377"
},
{
"category": "external",
"summary": "SUSE Bug 1236209 for CVE-2025-0377",
"url": "https://bugzilla.suse.com/1236209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-0377"
},
{
"cve": "CVE-2025-20033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20033"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly validate post types, which allows attackers to deny service to users with the sysconsole_read_plugins permission via creating a post with the custom_pl_notification type and specific props.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20033",
"url": "https://www.suse.com/security/cve/CVE-2025-20033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-20033"
},
{
"cve": "CVE-2025-20086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20086"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20086",
"url": "https://www.suse.com/security/cve/CVE-2025-20086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-20086"
},
{
"cve": "CVE-2025-20088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20088"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20088",
"url": "https://www.suse.com/security/cve/CVE-2025-20088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-20088"
},
{
"cve": "CVE-2025-20621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20621"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20621",
"url": "https://www.suse.com/security/cve/CVE-2025-20621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-20621"
},
{
"cve": "CVE-2025-21088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21088"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly validate the style of proto supplied to an action\u0027s style in post.props.attachments, which allows an attacker to crash the frontend via crafted malicious input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21088",
"url": "https://www.suse.com/security/cve/CVE-2025-21088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-21088"
},
{
"cve": "CVE-2025-22149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22149"
}
],
"notes": [
{
"category": "general",
"text": "JWK Set (JSON Web Key Set) is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project\u0027s provided HTTP client\u0027s local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal from a JWK Set is equivalent to revocation. The affected auto-caching HTTP client was added in version v0.5.0 and fixed in v0.6.0. The only workaround would be to remove the provided auto-caching HTTP client and replace it with a custom implementation. This involves setting the HTTPClientStorageOptions.RefreshInterval to zero (or not specifying the value).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22149",
"url": "https://www.suse.com/security/cve/CVE-2025-22149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "low"
}
],
"title": "CVE-2025-22149"
},
{
"cve": "CVE-2025-22445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22445"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.x \u003c= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22445",
"url": "https://www.suse.com/security/cve/CVE-2025-22445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "low"
}
],
"title": "CVE-2025-22445"
},
{
"cve": "CVE-2025-22449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22449"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 9.11.x \u003c= 9.11.5 fail to enforce invite permissions, which allows team admins, with no permission to invite users to their team, to invite users by updating the \"allow_open_invite\" field via making their team public.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22449",
"url": "https://www.suse.com/security/cve/CVE-2025-22449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "low"
}
],
"title": "CVE-2025-22449"
},
{
"cve": "CVE-2025-22865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22865"
}
],
"notes": [
{
"category": "general",
"text": "Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22865",
"url": "https://www.suse.com/security/cve/CVE-2025-22865"
},
{
"category": "external",
"summary": "SUSE Bug 1236361 for CVE-2025-22865",
"url": "https://bugzilla.suse.com/1236361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-22865"
},
{
"cve": "CVE-2025-23028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23028"
}
],
"notes": [
{
"category": "general",
"text": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an attacker can crash Cilium agents by sending a crafted DNS response to workloads from outside the cluster. For traffic that is allowed but without using DNS-based policy, the dataplane will continue to pass traffic as configured at the time of the DoS. For workloads that have DNS-based policy configured, existing connections may continue to operate, and new connections made without relying on DNS resolution may continue to be established, but new connections which rely on DNS resolution may be disrupted. Any configuration changes that affect the impacted agent may not be applied until the agent is able to restart. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. No known workarounds are available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23028",
"url": "https://www.suse.com/security/cve/CVE-2025-23028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-23028"
},
{
"cve": "CVE-2025-23047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23047"
}
],
"notes": [
{
"category": "general",
"text": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-Control-Allow-Origin` header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who deploy Hubble UI using either Cilium CLI or via the Cilium Helm chart. A user with access to a Hubble UI instance affected by this issue could leak configuration details about the Kubernetes cluster which Hubble UI is monitoring, including node names, IP addresses, and other metadata about workloads and the cluster networking configuration. In order for this vulnerability to be exploited, a victim would have to first visit a malicious page. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. As a workaround, users who deploy Hubble UI using the Cilium Helm chart directly can remove the CORS headers from the Helm template as shown in the patch from commit a3489f190ba6e87b5336ee685fb6c80b1270d06d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23047",
"url": "https://www.suse.com/security/cve/CVE-2025-23047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-23047"
},
{
"cve": "CVE-2025-23208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23208"
}
],
"notes": [
{
"category": "general",
"text": "zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an append-list so group revocations/removals are ignored in the API. SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the group definitions in the config file, but that wasn\u0027t obvious to me if it were the case. Any Zot configuration that relies on group-based authorization will not respect group remove/revocation by an IdP. This issue has been addressed in version 2.1.2. All users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23208",
"url": "https://www.suse.com/security/cve/CVE-2025-23208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-23208"
},
{
"cve": "CVE-2025-24030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24030"
}
],
"notes": [
{
"category": "general",
"text": "Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior to 1.2.6. The admin interface can be used to terminate the Envoy process and extract the Envoy configuration (possibly containing confidential data). Version 1.2.6 fixes the issue. As a workaround, the `EnvoyProxy` API can be used to apply a bootstrap config patch that restricts access strictly to the prometheus stats endpoint. Find below an example of such a bootstrap patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24030",
"url": "https://www.suse.com/security/cve/CVE-2025-24030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-24030"
},
{
"cve": "CVE-2025-24337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24337"
}
],
"notes": [
{
"category": "general",
"text": "WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24337",
"url": "https://www.suse.com/security/cve/CVE-2025-24337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-24337"
},
{
"cve": "CVE-2025-24354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24354"
}
],
"notes": [
{
"category": "general",
"text": "imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24354",
"url": "https://www.suse.com/security/cve/CVE-2025-24354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-24354"
},
{
"cve": "CVE-2025-24355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24355"
}
],
"notes": [
{
"category": "general",
"text": "Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a `maven` source configured with basic auth credentials, the credentials are being leaked in the application execution logs in case of failure. Credentials are properly sanitized when the operation is successful but not when for whatever reason there is a failure in the maven repository, e.g. wrong coordinates provided, not existing artifact or version. Version 0.93.0 contains a patch for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24355",
"url": "https://www.suse.com/security/cve/CVE-2025-24355"
},
{
"category": "external",
"summary": "SUSE Bug 1236404 for CVE-2025-24355",
"url": "https://bugzilla.suse.com/1236404"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch",
"openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:03:37Z",
"details": "important"
}
],
"title": "CVE-2025-24355"
}
]
}
SUSE-SU-2025:0301-1
Vulnerability from csaf_suse - Published: 2025-01-30 14:50 - Updated: 2025-01-30 14:50Summary
Security update for buildah
Severity
Important
Notes
Title of the patch: Security update for buildah
Description of the patch: This update for buildah fixes the following issues:
- Update to version 1.35.5
- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use 'src' values. (bsc#1236272)
Patchnames: SUSE-2025-301,SUSE-SLE-Module-Containers-15-SP6-2025-301,openSUSE-SLE-15.6-2025-301
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- Update to version 1.35.5 \n- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use \u0027src\u0027 values. (bsc#1236272)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-301,SUSE-SLE-Module-Containers-15-SP6-2025-301,openSUSE-SLE-15.6-2025-301",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0301-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0301-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250301-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0301-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020245.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236272",
"url": "https://bugzilla.suse.com/1236272"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-01-30T14:50:02Z",
"generator": {
"date": "2025-01-30T14:50:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0301-1",
"initial_release_date": "2025-01-30T14:50:02Z",
"revision_history": [
{
"date": "2025-01-30T14:50:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.25.1.aarch64",
"product": {
"name": "buildah-1.35.5-150500.3.25.1.aarch64",
"product_id": "buildah-1.35.5-150500.3.25.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.25.1.i586",
"product": {
"name": "buildah-1.35.5-150500.3.25.1.i586",
"product_id": "buildah-1.35.5-150500.3.25.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.25.1.ppc64le",
"product": {
"name": "buildah-1.35.5-150500.3.25.1.ppc64le",
"product_id": "buildah-1.35.5-150500.3.25.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.25.1.s390x",
"product": {
"name": "buildah-1.35.5-150500.3.25.1.s390x",
"product_id": "buildah-1.35.5-150500.3.25.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.25.1.x86_64",
"product": {
"name": "buildah-1.35.5-150500.3.25.1.x86_64",
"product_id": "buildah-1.35.5-150500.3.25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.25.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.25.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-30T14:50:02Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
}
]
}
SUSE-SU-2025:0319-1
Vulnerability from csaf_suse - Published: 2025-02-01 09:53 - Updated: 2025-02-01 09:53Summary
Security update for buildah
Severity
Important
Notes
Title of the patch: Security update for buildah
Description of the patch: This update for buildah fixes the following issues:
- Update to version 1.35.5
- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use 'src' values. (bsc#1236272)
Patchnames: SUSE-2025-319,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-319,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-319,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-319,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-319
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- Update to version 1.35.5 \n- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use \u0027src\u0027 values. (bsc#1236272)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-319,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-319,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-319,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-319,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-319",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0319-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0319-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250319-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0319-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020254.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236272",
"url": "https://bugzilla.suse.com/1236272"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-02-01T09:53:09Z",
"generator": {
"date": "2025-02-01T09:53:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0319-1",
"initial_release_date": "2025-02-01T09:53:09Z",
"revision_history": [
{
"date": "2025-02-01T09:53:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.36.1.aarch64",
"product": {
"name": "buildah-1.35.5-150400.3.36.1.aarch64",
"product_id": "buildah-1.35.5-150400.3.36.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.36.1.i586",
"product": {
"name": "buildah-1.35.5-150400.3.36.1.i586",
"product_id": "buildah-1.35.5-150400.3.36.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.36.1.ppc64le",
"product": {
"name": "buildah-1.35.5-150400.3.36.1.ppc64le",
"product_id": "buildah-1.35.5-150400.3.36.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.36.1.s390x",
"product": {
"name": "buildah-1.35.5-150400.3.36.1.s390x",
"product_id": "buildah-1.35.5-150400.3.36.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.36.1.x86_64",
"product": {
"name": "buildah-1.35.5-150400.3.36.1.x86_64",
"product_id": "buildah-1.35.5-150400.3.36.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.36.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-01T09:53:09Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-01T09:53:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
}
]
}
SUSE-SU-2025:0320-1
Vulnerability from csaf_suse - Published: 2025-02-01 09:53 - Updated: 2025-02-01 09:53Summary
Security update for buildah
Severity
Important
Notes
Title of the patch: Security update for buildah
Description of the patch: This update for buildah fixes the following issues:
- Update to version 1.35.5
- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use 'src' values. (bsc#1236272)
Patchnames: SUSE-2025-320,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-320,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-320,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-320,SUSE-Storage-7.1-2025-320
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- Update to version 1.35.5 \n- CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use \u0027src\u0027 values. (bsc#1236272)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-320,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-320,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-320,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-320,SUSE-Storage-7.1-2025-320",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0320-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0320-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250320-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0320-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020253.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236272",
"url": "https://bugzilla.suse.com/1236272"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-02-01T09:53:55Z",
"generator": {
"date": "2025-02-01T09:53:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0320-1",
"initial_release_date": "2025-02-01T09:53:55Z",
"revision_history": [
{
"date": "2025-02-01T09:53:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.31.2.aarch64",
"product": {
"name": "buildah-1.35.5-150300.8.31.2.aarch64",
"product_id": "buildah-1.35.5-150300.8.31.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.31.2.i586",
"product": {
"name": "buildah-1.35.5-150300.8.31.2.i586",
"product_id": "buildah-1.35.5-150300.8.31.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.31.2.ppc64le",
"product": {
"name": "buildah-1.35.5-150300.8.31.2.ppc64le",
"product_id": "buildah-1.35.5-150300.8.31.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.31.2.s390x",
"product": {
"name": "buildah-1.35.5-150300.8.31.2.s390x",
"product_id": "buildah-1.35.5-150300.8.31.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.31.2.x86_64",
"product": {
"name": "buildah-1.35.5-150300.8.31.2.x86_64",
"product_id": "buildah-1.35.5-150300.8.31.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.31.2.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.31.2.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-01T09:53:55Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.31.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.31.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-01T09:53:55Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
}
]
}
SUSE-SU-2025:0382-1
Vulnerability from csaf_suse - Published: 2025-02-07 08:44 - Updated: 2025-02-07 08:44Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch: This update for podman fixes the following issues:
- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)
Patchnames: SUSE-2025-382,SUSE-SLE-Micro-5.5-2025-382,SUSE-SLE-Module-Containers-15-SP6-2025-382,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-382,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-382,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-382,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-382,openSUSE-SLE-15.6-2025-382
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.7 (High)
Affected products
Recommended
73 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-382,SUSE-SLE-Micro-5.5-2025-382,SUSE-SLE-Module-Containers-15-SP6-2025-382,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-382,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-382,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-382,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-382,openSUSE-SLE-15.6-2025-382",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0382-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0382-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250382-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0382-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020287.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236270",
"url": "https://bugzilla.suse.com/1236270"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-02-07T08:44:01Z",
"generator": {
"date": "2025-02-07T08:44:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0382-1",
"initial_release_date": "2025-02-07T08:44:01Z",
"revision_history": [
{
"date": "2025-02-07T08:44:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.31.1.aarch64",
"product": {
"name": "podman-4.9.5-150500.3.31.1.aarch64",
"product_id": "podman-4.9.5-150500.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"product_id": "podman-remote-4.9.5-150500.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.31.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64",
"product_id": "podmansh-4.9.5-150500.3.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.31.1.i586",
"product": {
"name": "podman-4.9.5-150500.3.31.1.i586",
"product_id": "podman-4.9.5-150500.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.31.1.i586",
"product": {
"name": "podman-remote-4.9.5-150500.3.31.1.i586",
"product_id": "podman-remote-4.9.5-150500.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.31.1.i586",
"product": {
"name": "podmansh-4.9.5-150500.3.31.1.i586",
"product_id": "podmansh-4.9.5-150500.3.31.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150500.3.31.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch",
"product_id": "podman-docker-4.9.5-150500.3.31.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.31.1.ppc64le",
"product": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le",
"product_id": "podman-4.9.5-150500.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"product_id": "podman-remote-4.9.5-150500.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"product_id": "podmansh-4.9.5-150500.3.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.31.1.s390x",
"product": {
"name": "podman-4.9.5-150500.3.31.1.s390x",
"product_id": "podman-4.9.5-150500.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.31.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150500.3.31.1.s390x",
"product_id": "podman-remote-4.9.5-150500.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.31.1.s390x",
"product": {
"name": "podmansh-4.9.5-150500.3.31.1.s390x",
"product_id": "podmansh-4.9.5-150500.3.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.31.1.x86_64",
"product": {
"name": "podman-4.9.5-150500.3.31.1.x86_64",
"product_id": "podman-4.9.5-150500.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"product_id": "podman-remote-4.9.5-150500.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.31.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64",
"product_id": "podmansh-4.9.5-150500.3.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.31.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.31.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.31.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.31.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.31.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.31.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.31.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-07T08:44:01Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
}
]
}
SUSE-SU-2025:0775-1
Vulnerability from csaf_suse - Published: 2025-03-04 12:51 - Updated: 2025-03-04 12:51Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch:
This update for podman fixes the following issues:
- CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641)
- CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698)
- CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499)
- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208)
- CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
- CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)
- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)
- CVE-2024-6104: Fixed hashicorp/go-retryablehttp writing sensitive information to log files (bsc#1227052)
- CVE-2023-45288: Fixed golang.org/x/net/http2 excessive resource consumption when receiving too many headers (bsc#1236507)
- Load ip_tables and ip6_tables kernel module (bsc#1214612)
* Required for rootless mode as a regular user has no permission
to load kernel modules
- Refactor network backend dependencies:
* podman requires either netavark or cni-plugins. On ALP, require
netavark, otherwise prefer netavark but don't force it.
* This fixes missing cni-plugins in some scenarios
* Default to netavark everywhere where it's available
Patchnames: SUSE-2025-775,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-775,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-775,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-775,SUSE-SUSE-MicroOS-5.1-2025-775,SUSE-SUSE-MicroOS-5.2-2025-775,SUSE-Storage-7.1-2025-775
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.7 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.4 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
46 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for podman fixes the following issues:\n\n- CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641)\n- CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698) \n- CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499)\n- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208)\n- CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)\n- CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677)\n- CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270)\n- CVE-2024-6104: Fixed hashicorp/go-retryablehttp writing sensitive information to log files (bsc#1227052)\n- CVE-2023-45288: Fixed golang.org/x/net/http2 excessive resource consumption when receiving too many headers (bsc#1236507)\n \n\n- Load ip_tables and ip6_tables kernel module (bsc#1214612)\n * Required for rootless mode as a regular user has no permission\n to load kernel modules\n\n\n- Refactor network backend dependencies:\n * podman requires either netavark or cni-plugins. On ALP, require\n netavark, otherwise prefer netavark but don\u0027t force it.\n * This fixes missing cni-plugins in some scenarios\n * Default to netavark everywhere where it\u0027s available\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-775,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-775,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-775,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-775,SUSE-SUSE-MicroOS-5.1-2025-775,SUSE-SUSE-MicroOS-5.2-2025-775,SUSE-Storage-7.1-2025-775",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0775-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0775-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250775-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0775-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020479.html"
},
{
"category": "self",
"summary": "SUSE Bug 1214612",
"url": "https://bugzilla.suse.com/1214612"
},
{
"category": "self",
"summary": "SUSE Bug 1215807",
"url": "https://bugzilla.suse.com/1215807"
},
{
"category": "self",
"summary": "SUSE Bug 1215926",
"url": "https://bugzilla.suse.com/1215926"
},
{
"category": "self",
"summary": "SUSE Bug 1217828",
"url": "https://bugzilla.suse.com/1217828"
},
{
"category": "self",
"summary": "SUSE Bug 1221677",
"url": "https://bugzilla.suse.com/1221677"
},
{
"category": "self",
"summary": "SUSE Bug 1227052",
"url": "https://bugzilla.suse.com/1227052"
},
{
"category": "self",
"summary": "SUSE Bug 1231208",
"url": "https://bugzilla.suse.com/1231208"
},
{
"category": "self",
"summary": "SUSE Bug 1231230",
"url": "https://bugzilla.suse.com/1231230"
},
{
"category": "self",
"summary": "SUSE Bug 1231499",
"url": "https://bugzilla.suse.com/1231499"
},
{
"category": "self",
"summary": "SUSE Bug 1231698",
"url": "https://bugzilla.suse.com/1231698"
},
{
"category": "self",
"summary": "SUSE Bug 1236270",
"url": "https://bugzilla.suse.com/1236270"
},
{
"category": "self",
"summary": "SUSE Bug 1236507",
"url": "https://bugzilla.suse.com/1236507"
},
{
"category": "self",
"summary": "SUSE Bug 1237641",
"url": "https://bugzilla.suse.com/1237641"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-1753 page",
"url": "https://www.suse.com/security/cve/CVE-2024-1753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9341 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9676 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-03-04T12:51:39Z",
"generator": {
"date": "2025-03-04T12:51:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0775-1",
"initial_release_date": "2025-03-04T12:51:39Z",
"revision_history": [
{
"date": "2025-03-04T12:51:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.43.1.aarch64",
"product": {
"name": "podman-4.9.5-150300.9.43.1.aarch64",
"product_id": "podman-4.9.5-150300.9.43.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"product_id": "podman-remote-4.9.5-150300.9.43.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.43.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150300.9.43.1.aarch64",
"product_id": "podmansh-4.9.5-150300.9.43.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.43.1.i586",
"product": {
"name": "podman-4.9.5-150300.9.43.1.i586",
"product_id": "podman-4.9.5-150300.9.43.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.43.1.i586",
"product": {
"name": "podman-remote-4.9.5-150300.9.43.1.i586",
"product_id": "podman-remote-4.9.5-150300.9.43.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.43.1.i586",
"product": {
"name": "podmansh-4.9.5-150300.9.43.1.i586",
"product_id": "podmansh-4.9.5-150300.9.43.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150300.9.43.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150300.9.43.1.noarch",
"product_id": "podman-docker-4.9.5-150300.9.43.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.43.1.ppc64le",
"product": {
"name": "podman-4.9.5-150300.9.43.1.ppc64le",
"product_id": "podman-4.9.5-150300.9.43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.43.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150300.9.43.1.ppc64le",
"product_id": "podman-remote-4.9.5-150300.9.43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.43.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150300.9.43.1.ppc64le",
"product_id": "podmansh-4.9.5-150300.9.43.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.43.1.s390x",
"product": {
"name": "podman-4.9.5-150300.9.43.1.s390x",
"product_id": "podman-4.9.5-150300.9.43.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.43.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150300.9.43.1.s390x",
"product_id": "podman-remote-4.9.5-150300.9.43.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.43.1.s390x",
"product": {
"name": "podmansh-4.9.5-150300.9.43.1.s390x",
"product_id": "podmansh-4.9.5-150300.9.43.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.43.1.x86_64",
"product": {
"name": "podman-4.9.5-150300.9.43.1.x86_64",
"product_id": "podman-4.9.5-150300.9.43.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"product_id": "podman-remote-4.9.5-150300.9.43.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.43.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150300.9.43.1.x86_64",
"product_id": "podmansh-4.9.5-150300.9.43.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le"
},
"product_reference": "podman-4.9.5-150300.9.43.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le"
},
"product_reference": "podman-4.9.5-150300.9.43.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.43.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.43.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.43.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-1753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-1753"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-1753",
"url": "https://www.suse.com/security/cve/CVE-2024-1753"
},
{
"category": "external",
"summary": "SUSE Bug 1221677 for CVE-2024-1753",
"url": "https://bugzilla.suse.com/1221677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "important"
}
],
"title": "CVE-2024-1753"
},
{
"cve": "CVE-2024-6104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6104"
}
],
"notes": [
{
"category": "general",
"text": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6104",
"url": "https://www.suse.com/security/cve/CVE-2024-6104"
},
{
"category": "external",
"summary": "SUSE Bug 1227024 for CVE-2024-6104",
"url": "https://bugzilla.suse.com/1227024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-6104"
},
{
"cve": "CVE-2024-9341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9341"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9341",
"url": "https://www.suse.com/security/cve/CVE-2024-9341"
},
{
"category": "external",
"summary": "SUSE Bug 1231230 for CVE-2024-9341",
"url": "https://bugzilla.suse.com/1231230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-9341"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
},
{
"cve": "CVE-2024-9675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9675"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9675",
"url": "https://www.suse.com/security/cve/CVE-2024-9675"
},
{
"category": "external",
"summary": "SUSE Bug 1231499 for CVE-2024-9675",
"url": "https://bugzilla.suse.com/1231499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-9675"
},
{
"cve": "CVE-2024-9676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9676"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9676",
"url": "https://www.suse.com/security/cve/CVE-2024-9676"
},
{
"category": "external",
"summary": "SUSE Bug 1231698 for CVE-2024-9676",
"url": "https://bugzilla.suse.com/1231698"
},
{
"category": "external",
"summary": "SUSE Bug 1231785 for CVE-2024-9676",
"url": "https://bugzilla.suse.com/1231785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-9676"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.43.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-04T12:51:39Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
}
]
}
SUSE-SU-2025:20143-1
Vulnerability from csaf_suse - Published: 2025-03-12 10:31 - Updated: 2025-03-12 10:31Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch: This update for podman fixes the following issues:
- CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237641):
- CVE-2024-11218: Fixed github.com/containers/buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270):
- CVE-2023-45288: Fixed golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236507):
- CVE-2024-6104: Fixed hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227052):
Patchnames: SUSE-SLE-Micro-6.0-238
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.7 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE\u0027s Parsing Vulnerable to Denial of Service (bsc#1237641):\n- CVE-2024-11218: Fixed github.com/containers/buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270):\n- CVE-2023-45288: Fixed golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236507):\n- CVE-2024-6104: Fixed hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227052):\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-238",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20143-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20143-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520143-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20143-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021194.html"
},
{
"category": "self",
"summary": "SUSE Bug 1227052",
"url": "https://bugzilla.suse.com/1227052"
},
{
"category": "self",
"summary": "SUSE Bug 1236270",
"url": "https://bugzilla.suse.com/1236270"
},
{
"category": "self",
"summary": "SUSE Bug 1236507",
"url": "https://bugzilla.suse.com/1236507"
},
{
"category": "self",
"summary": "SUSE Bug 1237641",
"url": "https://bugzilla.suse.com/1237641"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-03-12T10:31:01Z",
"generator": {
"date": "2025-03-12T10:31:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20143-1",
"initial_release_date": "2025-03-12T10:31:01Z",
"revision_history": [
{
"date": "2025-03-12T10:31:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-3.1.aarch64",
"product": {
"name": "podman-4.9.5-3.1.aarch64",
"product_id": "podman-4.9.5-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-3.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-3.1.aarch64",
"product_id": "podman-remote-4.9.5-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-3.1.aarch64",
"product": {
"name": "podmansh-4.9.5-3.1.aarch64",
"product_id": "podmansh-4.9.5-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-3.1.noarch",
"product": {
"name": "podman-docker-4.9.5-3.1.noarch",
"product_id": "podman-docker-4.9.5-3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-3.1.s390x",
"product": {
"name": "podman-4.9.5-3.1.s390x",
"product_id": "podman-4.9.5-3.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-3.1.s390x",
"product": {
"name": "podman-remote-4.9.5-3.1.s390x",
"product_id": "podman-remote-4.9.5-3.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-3.1.s390x",
"product": {
"name": "podmansh-4.9.5-3.1.s390x",
"product_id": "podmansh-4.9.5-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-3.1.x86_64",
"product": {
"name": "podman-4.9.5-3.1.x86_64",
"product_id": "podman-4.9.5-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-3.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-3.1.x86_64",
"product_id": "podman-remote-4.9.5-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-3.1.x86_64",
"product": {
"name": "podmansh-4.9.5-3.1.x86_64",
"product_id": "podmansh-4.9.5-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64"
},
"product_reference": "podman-4.9.5-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x"
},
"product_reference": "podman-4.9.5-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64"
},
"product_reference": "podman-4.9.5-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-3.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch"
},
"product_reference": "podman-docker-4.9.5-3.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x"
},
"product_reference": "podman-remote-4.9.5-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64"
},
"product_reference": "podmansh-4.9.5-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x"
},
"product_reference": "podmansh-4.9.5-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
},
"product_reference": "podmansh-4.9.5-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:31:01Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:31:01Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-6104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6104"
}
],
"notes": [
{
"category": "general",
"text": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6104",
"url": "https://www.suse.com/security/cve/CVE-2024-6104"
},
{
"category": "external",
"summary": "SUSE Bug 1227024 for CVE-2024-6104",
"url": "https://bugzilla.suse.com/1227024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:31:01Z",
"details": "moderate"
}
],
"title": "CVE-2024-6104"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:31:01Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podman-docker-4.9.5-3.1.noarch",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podman-remote-4.9.5-3.1.x86_64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.aarch64",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.s390x",
"SUSE Linux Micro 6.0:podmansh-4.9.5-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-12T10:31:01Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
}
]
}
SUSE-SU-2025:20279-1
Vulnerability from csaf_suse - Published: 2025-04-22 13:50 - Updated: 2025-04-22 13:50Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch: This update for podman fixes the following issues:
- CVE-2023-45288: Fixed closing connection when receiving too many headers (bsc#1236507).
- CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270).
- CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330).
- CVE-2025-27144: Fixed Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237641).
- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208).
- CVE-2024-3727: Fixed digest type (bsc#1224112).
- CVE-2024-1753: Fixed full container escape at build time (bsc#1221677).
Other fixes:
- Updated to version 5.2.5:
* RPM: remove dup Provides
* Packit: constrain koji and bodhi jobs to fedora package to avoid dupes
* Validate the bind-propagation option to `--mount`
* Updated Buildah to v1.37.4
* vendor: updated c/common to v0.60.4
* pkg/specgen: allow pasta when running inside userns
* libpod: convert owner IDs only with :idmap
* allow exposed sctp ports
* libpod: setupNetNS() correctly mount netns
* vendor: updated c/common to v0.60.3
* [skip-ci] Packit: split out ELN jobs and reuse fedora downstream targets
* [skip-ci] Packit: Enable sidetags for bodhi updates
* Updated gvisor-tap-vsock to 0.7.5
* CI: podman-machine: do not use cache registry
* [CI:DOCS] Add v5.2.2 lib updates to RELEASE_NOTES.md
* Update RELEASE_NOTES for v5.2.2
* [v5.2] Bump Buildah to v1.37.2, c/common v0.60.2, c/image v5.32.2
* [v5.2] golangci-lint: make darwin linting happy
* [v5.2] golangci-lint: make windows linting happy
* [v5.2] test/e2e: remove kernel version check
* [v5.2] golangci-lint: remove most skip dirs
* [v5.2] set !remote build tags where needed
* [v5.2] update golangci-lint to 1.60.1
* Packit: update targets for propose-downstream
* Create volume path before state initialization
* Update Cirrus DEST_BRANCH
* Bump to v5.2.2-dev
* Bump to v5.2.1
* Update release notes for v5.2.1
* [v5.2] Add zstd:chunked test fix
* [v5.2] Bump Buildah to v1.37.1, c/common v0.60.1, c/image v5.32.1
* libpod: reset state error on init
* libpod: do not save expected stop errors in ctr state
* libpod: fix broken saveContainerError()
* Bump to v5.2.1-dev
* Bump to v5.2.0
* Never skip checkout step in release workflow
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc3
* Update release notes for v5.2.0-rc3
* Tweak versions in register_images.go
* fix network cleanup flake in play kube
* WIP: Fixes for vendoring Buildah
* Add --compat-volumes option to build and farm build
* Bump Buildah, c/storage, c/image, c/common
* libpod: bind ports before network setup
* pkg/api: do not leak config pointers into specgen
* build: Update gvisor-tap-vsock to 0.7.4
* test/system: fix borken pasta interface name checks
* test/system: fix bridge host.containers.internal test
* CI: system tests: instrument to allow failure analysis
* Use uploaded .zip for Windows action
* RPM: podman-iptables.conf only on Fedora
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc2
* Update release notes for v5.2.0-rc2
* test/e2e: fix ncat tests
* libpod: add hidden env to set sqlite timeout
* Add support for StopSignal in quadlet .container files
* podman pod stats: fix race when ctr process exits
* Update module github.com/vbauerster/mpb/v8 to v8.7.4
* libpod: correctly capture healthcheck output
* Bump bundled krunkit to 0.1.2
* podman stats: fix race when ctr process exists
* nc -p considered harmful
* podman pod stats: fix pod rm race
* podman ps: fix racy pod name query
* system connection remove: use Args function to validate
* pkg/machine/compression: skip decompress bar for empty file
* nc -p considered harmful
* podman system df: fix fix ErrNoSuchCtr/Volume race
* podman auto-update: fix ErrNoSuchCtr race
* Fix name for builder in farm connection
* 700-play.bats: use unique pod/container/image/volume names
* safename: consistent within same test, and, dashes
* 700-kube.bats: refactor $PODMAN_TMPDIR/test.yaml
* 700-play.bats: eliminate $testYaml
* 700-play.bats: refactor clumsy yamlfile creation
* 700-play.bats: move _write_test_yaml up near top
* chore(deps): update dependency setuptools to v71
* Expand drop-in search paths * top-level (pod.d) * truncated (unit-.container.d)
* Remove references and checks for --gpus
* Do not crash on invalid filters
* fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.2.0
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc1
* Keep the volume-driver flag deprecated
* Vendor in latest containers(common, storage,image, buildah)
* System tests: safe container/image/volume/etc names
* Implement disable default mounts via command line
* test: drop unmount for overlay
* test: gracefully terminate server
* libpod: shutdown Stop waits for handlers completion
* libpod: cleanup store at shutdown
* Add NetworkAlias= support to quadlet
* cmd: call shutdown handler stop function
* fix race conditions in start/attach logic
* swagger: exlude new docker network types
* vendor: bump c/storage
* update to docker 27
* contrib: use a distinct --pull-option= for each flag
* Update warning message when using external compose provider
* Update module github.com/cyphar/filepath-securejoin to v0.3.0
* Ignore result of EvalSymlinks on ENOENT
* test/upgrade: fix tests when netavark uses nftables
* test/system: fix network reload test with nftables
* test/e2e: rework some --expose tests
* test: remove publish tests from e2e
* CI: test nftables driver on fedora
* CI: use local registry, part 3 of 3: for developers
* CI: use local registry, part 2 of 3: fix tests
* CI: use local registry, part 1 of 3: setup
* CI: test composefs on rawhide
* chore(deps): update module google.golang.org/grpc to v1.64.1 [security]
* chore(deps): update dependency setuptools to ~=70.3.0
* Improve container filenname ambiguity.
* containers/attach: Note bug around goroutine leak
* Drop minikube CI test
* add libkrun test docs
* fix(deps): update module tags.cncf.io/container-device-interface to v0.8.0
* cirrus: check for header files in source code check
* pkg/machine/e2e: run debug command only for macos
* create runtime's worker queue before queuing any job
* test/system: fix pasta host.containers.internal test
* Visual Studio BuildTools as a MinGW alternative
* SetupRootless(): only reexec when needed
* pkg/rootless: simplify reexec for container code
* cirrus: add missing test/tools to danger files
* fix(deps): update module golang.org/x/tools to v0.23.0
* Windows Installer: switch to wix5
* fix(deps): update module golang.org/x/net to v0.27.0
* pkg/machine/e2e: print tests timings at the end
* pkg/machine/e2e: run debug commands after init
* pkg/machine/e2e: improve timeout handling
* libpod: first delete container then cidfile
* fix(deps): update module golang.org/x/term to v0.22.0
* System test fixes
* cirrus.yml: automatic skips based on source
* fix(deps): update module github.com/containers/ocicrypt to v1.2.0
* podman events: fix error race
* chore(deps): update dependency setuptools to ~=70.2.0
* fix(deps): update module github.com/gorilla/schema to v1.4.1 [security]
* Update CI VM images
* pkg/machine/e2e: fix broken cleanup
* pkg/machine/e2e: use tmp file for connections
* test/system: fix podman --image-volume to allow tmpfs storage
* CI: mount tmpfs for container storage
* docs: --network remove missing leading sentence
* specgen: parse devices even with privileged set
* vendor: update c/storage
* Remove the unused machine volume-driver
* feat(quadlet): log option handling
* Error when machine memory exceeds system memory
* machine: Always use --log-file with gvproxy
* CI: Build-Each-Commit test: run only on PRs
* Small fixes for testing libkrun
* Podman machine resets all providers
* Clearly indicate names w/ URLencoded duplicates
* [skip-ci] Packit: split rhel and centos-stream jobs
* apple virtiofs: fix racy mount setup
* cirrus: fix broken macos artifacts URL
* libpod/container_top_linux.c: fix missing header
* refactor(build): improve err when file specified by -f does not exist
* Minor: Remove unhelpful comment
* Update module github.com/openshift/imagebuilder to v1.2.11
* Minor: Rename the OSX Cross task
* [skip-ci] Remove conditionals from changelog
* podman top: join the container userns
* Run linting in parallel with building
* Fix missing Makefile target dependency
* build API: accept platform comma separated
* [skip-ci] RPM: create podman-machine subpackage
* ExitWithError() - more upgrades from Exit()
* test/e2e: remove podman system service tests
* cirrus: reduce int tests timeout
* cirrus: remove redundant skip logic
* pkg/machine/apple: machine stop timeout
* CI: logformatter: link to correct PR base
* Update module github.com/crc-org/crc/v2 to v2.38.0
* ExitWithError(): continued
* test/system: Add test steps for journald log check in quadlet
* restore: fix missing network setup
* podman run use pod userns even with --pod-id-file
* macos-installer: bundle krunkit
* remote API: fix pod top error reporting
* libpod API: return proper error status code for pod start
* fix #22233
* added check for `registry.IsRemote()`. and correct error message.
* fix #20686
* pkg/machine/e2e: Remove unnecessary copy of machine image.
* libpod: intermediate mount if UID not mapped into the userns
* libpod: avoid chowning the rundir to root in the userns
* libpod: do not chmod bind mounts
* libpod: unlock the thread if possible
* CI Cleanup: Remove cgroups v1 support
* ExitWithError() - more upgrades from Exit()
* remote: fix incorrect CONTAINER_CONNECTION parsing
* container: pass KillSignal and StopTimeout to the systemd scope
* libpod: fix comment
* e2e: test container restore in pod by name
* docs: Adds all PushImage supported paramters to openapi docs.
* systests: kube: bump up a timeout
* cirrus.yml: add CI:ALL mode to force all tests
* cirrus.yml: implement skips based on source changes
* CI VMs: bump
* restore: fix container restore into pod
* sqlite_state: Fix RewriteVolumeConfig
* chore(deps): update dependency setuptools to ~=70.1.0
* Quadlet - use specifier for unescaped values for templated container name
* cirrus: check for system test leaks in nightly
* test/system: check for leaks in teardown suite
* test/system: speed up basic_{setup,teardown}()
* test/system: fix up many tests that do not cleanup
* test/system: fix podman --authfile=nonexistent-path
* Update module github.com/containernetworking/plugins to v1.5.1
* Update module github.com/checkpoint-restore/checkpointctl to v1.2.1
* Update module github.com/spf13/cobra to v1.8.1
* Update module github.com/gorilla/schema to v1.4.0
* pkg/machine/wsl: force terminate wsl instance
* pkg/machine/wsl: wrap command errors
* [CI:DOCS] Quadlet - add note about relative path resolution
* CI: do not install python packages at runtime
* Release workflow: Include candidate descriptor
* Minor: Fix indentation in GHA release workflow
* GHA: Send release notification mail
* GHA: Validate release version number
* Remove references to --pull=true and --pull=false
* ExitWithError, continued
* podman: add new hidden flag --pull-option
* [CI:DOCS] Fix typos in podman-build
* infra: mark storageSet when imagestore is changed
* [CI:DOCS] Add jnovy as reviewer and approver
* fix(deps): update module google.golang.org/protobuf to v1.34.2
* refactor(machine,wsl): improve operations of Windows API
* --squash --layers=false should be allowed
* fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.2.0
* update golangci-lint to v1.59.1
* Rename master to main in CONTRIBUTING.md
* podman 5, pasta and inter-container networking
* libpod: do not resuse networking on start
* machine/linux: Switch to virtiofs by default
* machine/linux: Support virtiofs mounts (retain 9p default)
* machine/linux: Use memory-backend-memfd by default
* ExitWithError() - continued
* Enable libkrun provider to open a debug console
* Add new targets on Windows makefile (winmake.ps1)
* fix(deps): update module github.com/docker/docker to v26.1.4+incompatible
* fix(deps): update module github.com/crc-org/crc/v2 to v2.37.1
* fix(deps): update module golang.org/x/tools to v0.22.0
* fix(deps): update module golang.org/x/net to v0.26.0
* libpod: fix 'podman kube generate' on FreeBSD
* fix(deps): update module golang.org/x/sys to v0.21.0
* libpod: do not leak systemd hc startup unit timer
* vendor latest c/common
* pkg/rootless: set _CONTAINERS_USERNS_CONFIGURED correctly
* run bats -T, to profile timing hogs
* test/system: speed up podman ps --external
* test/system: speed up podman network connect/disconnect
* test/system: speed up podman network reload
* test/system: speed up quadlet - pod simple
* test/system: speed up podman parallel build should not race
* test/system: speed up podman cp dir from host to container
* test/system: speed up podman build - workdir, cmd, env, label
* test/system: speed up podman --log-level recognizes log levels
* test/system: remove obsolete debug in net connect/disconnect test
* test/system: speed up quadlet - basic
* test/system: speed up user namespace preserved root ownership
* System tests: add `podman system check` tests
* Add `podman system check` for checking storage consistency
* fix(deps): update module github.com/crc-org/crc/v2 to v2.37.0
* fix(libpod): add newline character to the end of container's hostname file
* fix(deps): update module github.com/openshift/imagebuilder to v1.2.10
* fix(deps): update github.com/containers/image/v5 digest to aa93504
* Fix 5.1 release note re: runlabel
* test/e2e: use local skopeo not image
* fix(deps): update golang.org/x/exp digest to fd00a4e
* [CI:DOCS] Add contrib/podmanimage/stable path back in repo
* chore(deps): update dependency requests to ~=2.32.3
* fix(deps): update github.com/containers/image/v5 digest to 2343e81
* libpod: do not move podman with --cgroups=disabled
* Update release notes on Main to v5.1.0
* test: look at the file base name
* tests: simplify expected output
* Sigh, new VMs again
* Fail earlier when no containers exist in stats
* Add Hyper-V option in windows installer
* libpod: cleanup default cache on system reset
* vendor: update c/image
* test/system: speed up kube generate tmpfs on /tmp
* test/system: speed up podman kube play tests
* test/system: speed up podman shell completion test
* test/system: simplify test signal handling in containers
* test/system: speed up podman container rm ...
* test/system: speed up podman ps - basic tests
* test/system: speed up read-only from containers.conf
* test/system: speed up podman logs - multi ...
* test/system: speed up podman run --name
* Debian: switch to crun
* test/system: speed up podman generate systemd - envar
* test/system: speed up podman-kube@.service template
* test/system: speed up kube play healthcheck initialDelaySeconds
* test/system: speed up exit-code propagation test
* test/system: speed up "podman run --timeout"
* test/system: fix slow kube play --wait with siginterrupt
* undo auto-formatting
* test/system: speed up podman events tests
* Quadlet: Add support for .build files
* test/system: speed up "podman auto-update using systemd"
* test/system: remove podman wait test
* tests: disable tests affected by a race condition
* update golangci-lint to v1.59.0
* kubernetes_support.md: Mark volumeMounts.subPath as supported
* working name of pod on start and stop
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.0
* Bump Buildah to v1.36.0
* fix(deps): update module github.com/burntsushi/toml to v1.4.0
* fix typo in Tutorials.rst
* Mac PM test: Require pre-installed rosetta
* test/e2e: fix new error message
* Add configuration for podmansh
* Update containers/common to latest main
* Only stop chowning volumes once they're not empty
* podman: fix --sdnotify=healthy with --rm
* libpod: wait another interval for healthcheck
* quadlet: Add a network requirement on .image units
* test, pasta: Ignore deprecated addresses in tests
* [CI:DOCS] performance: update network docs
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0
* CI: disable minikube task
* [CI:DOCS] Fix windows action trigger
* chore(deps): update dependency setuptools to v70
* Check AppleHypervisor before accessing it
* fix(deps): update module github.com/containernetworking/plugins to v1.5.0
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.2
* add podman-clean-transient.service service to rootless
* [CI:DOCS] Update podman network docs
* fix incorrect host.containers.internal entry for rootless bridge mode
* vendor latest c/common main
* Add Rosetta support for Apple Silicon mac
* bump main to 5.2.0-dev
* Use a defined constant instead of a hard-coded magic value
* cirrus: use faster VM's for integration tests
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to 01a1a0c
* [CI:DOCS] Fix Mac pkg link
* test: remove test_podman* scripts
* test/system: fix documentation
* Return StatusNotFound when multiple volumes matching occurs
* container_api: do not wait for healtchecks if stopped
* libpod: wait for healthy on main thread
* `podman events`: check for an error after we finish reading events
* remote API: restore v4 payload in container inspect
* Fix updating connection when SSH port conflict happens
* rootless: fix reexec to use /proc/self/exe
* ExitWithError() - enforce required exit status & stderr
* ExitWithError() - a few that I missed
* [skip-ci] Packit: use only one value for `packages` key for `trigger: commit` copr builds
* Revert "Temporarily disable rootless debian e2e testing"
* CI tests: enforce TMPDIR on tmpfs
* use new CI images with tmpfs /tmp
* run e2e test on tmpfs
* Update module github.com/crc-org/crc/v2 to v2.36.0
* [CI:DOCS] Use checkout@v4 in GH Actions
* ExitWithError() - rmi_test
* ExitWithError() - more r files
* ExitWithError() - s files
* ExitWithError() - more run_xxx tests
* Fix podman-remote support for `podman farm build`
* [CI:DOCS] Trigger windows installer action properly
* Revert "container stop: kill conmon"
* Ensure that containers do not get stuck in stopping
* [CI:DOCS] Improvements to make validatepr
* ExitWithError() - rest of the p files
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.1
* Graceful shutdown during podman kube down
* Remove duplicate call
* test/system: fix broken "podman volume globs" test
* Quadlet/Container: Add GroupAdd option
* Don't panic if a runtime was configured without paths
* update c/{buildah,common,image,storage} to latest main
* update golangci-lint to 1.58
* machine: Add LibKrun provider detection
* ExitWithError() - continue tightening
* fix(deps): update module google.golang.org/protobuf to v1.34.1
* test: improve test for powercap presence
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
* fix(deps): update module go.etcd.io/bbolt to v1.3.10
* fix(deps): update module golang.org/x/tools to v0.21.0
* [skip-ci] RPM: `bats` required only on Fedora
* fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842
* gpdate and remove parameter settings in `.golangci.yml`
* ExitWithError() - play_kube_test.go
* Temporarily disable rootless debian e2e testing
* fix(deps): update module golang.org/x/crypto to v0.23.0
* CI Docs: Clarify passthrough_envars() comments
* Skip machine tests if they don't need to be run
* Update CI VMs to F40, F39, D13
* ExitWithError() - v files
* Update module golang.org/x/term to v0.20.0
* machine: Add provider detection API
* util: specify a not empty pause dir for root too
* Add missing option 'healthy' to output of `podman run --help`
* [CI:DOCS] Add info on the quay.io images to the README.md
* Add a random suffix to healthcheck unit names
* test/e2e: remove toolbox image
* Also substitute $HOME in runlabel with user's homedir
* Update module github.com/cyphar/filepath-securejoin to v0.2.5
* Change tmpDir for macOS
* ExitWithError() - pod_xxx tests
* ExitWithError() -- run_test.go
* Update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f
* Update module github.com/shirou/gopsutil/v3 to v3.24.4
* Update module github.com/docker/docker to v26.1.1+incompatible
* GHA: Attempt fix exceeded a secondary rate limit
* vendor ginkgo 2.17.2 into test/tools
* Fix machine volumes with long path and paths with dashes
* Update module google.golang.org/protobuf to v1.34.0
* Update module github.com/crc-org/crc/v2 to v2.35.0
* Update module github.com/onsi/gomega to v1.33.1
* test/e2e: podman unshare image mount fix tmpdir leak
* test/e2e: do not leak /tmp/private_file
* test/e2e: "persistentVolumeClaim with source" do not leak file
* e2e tests: use /var/tmp, not $TMPDIR, as workdirs
* Update dependency pytest to v8.1.2
* Remove unncessary lines at the end of specfile summary
* Clean machine pull cache
* Add krun support to podman machine
* Use custom image for make validatepr
* test/e2e: force systemd cgroup manager
* e2e and bindings tests: fix $PATH setup
* Makefile: remove useless HACK variable in e2e test
* test/e2e: fix volumes and suid/dev/exec options
* test/e2e: volumes and suid/dev/exec options works remote
* test/e2e: fix limits test
* Update module github.com/rootless-containers/rootlesskit/v2 to v2.1.0
* Correct option name `ip` -> `ip6`
* Add the ability to automount images as volumes via play
* Add support for image volume subpaths
* Bump Buildah to latest main
* Update Makefile to Go 1.22 for in-container
* ExitWithError() - yet more low-hanging fruit
* ExitWithError() - more low-hanging fruit
* ExitWithError() - low-hanging fruit
* chore: fix function names in comment
* Remove redundant Prerequisite before build section
* Remove PKG_CONFIG_PATH
* Add installation instructions for openSUSE
* Replace golang.org/x/exp/slices with slices from std
* Update to go 1.21
* fix(deps): update module github.com/docker/docker to v26.1.0+incompatible
* [CI:DOCS] Fix artifact action
* [skip-ci] Packit/rpm: remove el8 jobs and spec conditionals
* e2e tests: stop littering
* [CI:DOCS] format podman-pull example as code
* [CI:DOCS] Build & upload release artifacts with GitHub Actions
* libpod: getHealthCheckLog() remove unessesary check
* add containers.conf healthcheck_events support
* vendor latest c/common
* libpod: make healthcheck events more efficient
* libpod: wrap store setup error message
* [skip-ci] Packit: enable CentOS 10 Stream build jobs
* pkg/systemd: use fileutils.(Le|E)xists
* pkg/bindings: use fileutils.(Le|E)xists
* pkg/util: use fileutils.(Le|E)xists
* pkg/trust: use fileutils.(Le|E)xists
* pkg/specgen: use fileutils.(Le|E)xists
* pkg/rootless: use fileutils.(Le|E)xists
* pkg/machine: use fileutils.(Le|E)xists
* pkg/domain: use fileutils.(Le|E)xists
* pkg/api: use fileutils.(Le|E)xists
* libpod: use fileutils.(Le|E)xists
* cmd: use fileutils.(Le|E)xists
* vendor: update containers/{buildah,common,image,storage}
* fix(deps): update module github.com/docker/docker to v26.0.2+incompatible [security]
* fix podman-pod-restart.1.md typo
* [skip-ci] Packit: switch to EPEL instead of centos-stream+epel-next
* fix(deps): update module github.com/onsi/gomega to v1.33.0
* Add more annnotation information to podman kupe play man page
* test/compose: remove compose v1 code
* CI: remove compose v1 tests
* fix: close resource file
* [CI:DOCS] Fix windows installer action
* fix(deps): update module tags.cncf.io/container-device-interface to v0.7.2
* add `list` as an alias to list networks
* Add support for updating restart policy
* Add Compat API for Update
* Make `podman update` changes persistent
* Emergency fix (well, skip) for failing bud tests
* fix swagger doc for manifest create
* [CI:DOCS] options/network: fix markdown lists
* Makefile: do not hardcode `GOOS` in `podman-remote-static` target
* chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update dependency setuptools to ~=69.5.0
* Fix some comments
* swagger fix infinitive recursion on some types
* install swagger from source
* Revert "Swap out javascript engine"
* podman exec CID without command should exit 125
* (minor) prefetch systemd image before use
* Update go-swagger version
* Swap out javascript engine
* fix(deps): update module github.com/docker/docker to v26.0.1+incompatible
* Add os, arch, and ismanifest to libpod image list
* [CI:DOCS]Initial PR validation
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to d744d71
* vendor ginkgo 2.17.1 into test/tools
* fix "concurrent map writes" in network ls compat endpoint
* chore(deps): update dependency pytest to v8
* e2e: redefine ExitWithError() to require exit code
* docs: fix missleading run/create --expose description
* podman ps: show exposed ports under PORTS as well
* rootless: drop function ReadMappingsProc
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.3
* New CI VMs, to give us pasta 2024-04-05
* Add big warning to GHA workflow
* GHA: Fix intermittent workflow error
* fix(deps): update module golang.org/x/tools to v0.20.0
* e2e tests: remove requirement for fuse-overlayfs
* docs: update Quadlet volume Options desc
* fix(deps): update module golang.org/x/sync to v0.7.0
* Fix relabeling failures with Z/z volumes on Mac
* fix(deps): update module golang.org/x/net to v0.24.0
* Makefile: fix annoying errors in docs generation
* chore: fix function names in comment
* Bump tags.cncf.io/container-device-interface to v0.7.1
* fix(deps): update module golang.org/x/crypto to v0.22.0
* Detect unhandled reboots and require user intervention
* podman --runroot: remove 50 char length restriction
* update github.com/rootless-containers/rootlesskit to v2
* Update module github.com/gorilla/schema to v1.3.0
* Update dependency requests-mock to ~=1.12.1
* Update module github.com/crc-org/crc/v2 to v2.34.1
* rm --force work for more than one arg
* [CI:DOCS] Update kube docs
* fix(deps): update module github.com/shirou/gopsutil/v3 to v3.24.3
* [CI:DOCS] Add GitHub action to update version on Podman.io
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.2
* Windows: clean up temporary perl install
* pkg/util: FindDeviceNodes() ignore ENOENT errors
* [CI:DOCS] build deps: make-validate needs docs
* test/system: add rootless-netns test for setup errors
* vendor latest c/common main
* container: do not chown to dest target with U
* [CI:DOCS] golangci-lint: update deprecated flags
* systests: conditionalize slirp4netns tests
* CI: systests: instrument flaky tests
* s3fs docs
* test: do not skip tests under rootless
* Add note about host networking to Kube PublishPort option
* Inject additional build tags from the environment
* libpod: use original IDs if idmap is provided
* Switch back to checking out the same branch the action script runs in
* docs/podman-login: Give an example of writing the persistent path
* CI: Bump VMs to 2024-03-28
* [skip-ci] Update dawidd6/action-send-mail action to v3.12.0
* fix(deps): update module github.com/openshift/imagebuilder to v1.2.7
* Fix reference to deprecated types.Info
* Use logformatter for podman_machine_windows_task
* applehv: Print vfkit logs in --log-level debug
* [CI:DOCS]Add Mario to reviewers list
* [CI:DOCS] Document CI-maintenance job addition
* Add golang 1.21 update warning
* Add rootless network command to `podman info`
* libpod: don't warn about cgroupsv1 on FreeBSD
* hyperv: error if not admin
* Properly parse stderr when updating container status
* [skip-ci] Packit: specify fedora-latest in propose-downstream
* Use built-in ssh impl for all non-pty operations
* Add support for annotations
* hyperv: fix machine rm -r
* [skip-ci] Packit: Enable CentOS Stream 10 update job
* 5.0 release note fix typo in cgroupv1 env var
* fix remote build isolation on client side
* chore: remove repetitive words
* Dont save remote context in temp file but stream and extract
* fix remote build isolation when server runs as root
* util: use private propagation with bind
* util: add some tests for ProcessOptions
* util: refactor ProcessOptions into an internal function
* util: rename files to snake case
* Add LoongArch support for libpod
* fix(deps): update github.com/containers/common digest to bc5f97c
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.1
* fix(deps): update module github.com/docker/docker to v25.0.5+incompatible [security]
* fix(deps): update module github.com/onsi/gomega to v1.32.0
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.0
* Update module github.com/cpuguy83/go-md2man/v2 to v2.0.4
* Fix type-o
* Use correct extension in suite
* minikube: instrument tests, to allow debugging failures
* libpod: restart always reconfigure the netns
* use new c/common pasta2 setup logic to fix dns
* utils: drop conversion float->string->float
* utils: do not generate duplicate range
* logformatter: handle Windows logs
* utils: add test for the new function
* utils: move rootless code to a new function
* xref-helpmsgs-manpages: cross-check Commands.rst
* test/system: Add support for multipath routes in pasta networking tests
* [skip-ci] rpm: use macro supported vendoring
* Adjust to the standard location of gvforwarder used in new images
* Makefile: add target `podman-remote-static`
* Switch to 5.x WSL machine os stream using new automation
* Cleanup build scratch dir if remote end disconnects while passing the context
* bump main to 5.1.0-dev
* Use faster gzip for compression for 3x speedup for sending large contexts to remote
* pkg/machine: make checkExclusiveActiveVM race free
* pkg/machine/wsl: remove unused CheckExclusiveActiveVM()
* pkg/machine: CheckExclusiveActiveVM should also check for starting
* pkg/machine: refresh config after we hold lock
* Update dependency setuptools to ~=69.2.0
* [skip-ci] rpm: update containers-common dep on f40+
* fix invalid HTTP header values when hijacking a connection
* Add doc to build podman on windows without MSYS
* Removing CRI-O related annotations
* fix(deps): update module github.com/containers/ocicrypt to v1.1.10
* Pass the restart policy to the individual containers
* kube play: always pull when both imagePullPolicy and tag are missing
Patchnames: SUSE-SLE-Micro-6.1-76
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.7 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.3 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2023-45288: Fixed closing connection when receiving too many headers (bsc#1236507).\n- CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270).\n- CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330).\n- CVE-2025-27144: Fixed Go JOSE\u0027s Parsing Vulnerable to Denial of Service (bsc#1237641).\n- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208).\n- CVE-2024-3727: Fixed digest type (bsc#1224112).\n- CVE-2024-1753: Fixed full container escape at build time (bsc#1221677). \n\nOther fixes:\n- Updated to version 5.2.5:\n * RPM: remove dup Provides\n * Packit: constrain koji and bodhi jobs to fedora package to avoid dupes\n * Validate the bind-propagation option to `--mount`\n * Updated Buildah to v1.37.4\n * vendor: updated c/common to v0.60.4\n * pkg/specgen: allow pasta when running inside userns\n * libpod: convert owner IDs only with :idmap\n * allow exposed sctp ports\n * libpod: setupNetNS() correctly mount netns\n * vendor: updated c/common to v0.60.3\n * [skip-ci] Packit: split out ELN jobs and reuse fedora downstream targets\n * [skip-ci] Packit: Enable sidetags for bodhi updates\n * Updated gvisor-tap-vsock to 0.7.5\n * CI: podman-machine: do not use cache registry\n * [CI:DOCS] Add v5.2.2 lib updates to RELEASE_NOTES.md\n * Update RELEASE_NOTES for v5.2.2\n * [v5.2] Bump Buildah to v1.37.2, c/common v0.60.2, c/image v5.32.2\n * [v5.2] golangci-lint: make darwin linting happy\n * [v5.2] golangci-lint: make windows linting happy\n * [v5.2] test/e2e: remove kernel version check\n * [v5.2] golangci-lint: remove most skip dirs\n * [v5.2] set !remote build tags where needed\n * [v5.2] update golangci-lint to 1.60.1\n * Packit: update targets for propose-downstream\n * Create volume path before state initialization\n * Update Cirrus DEST_BRANCH\n * Bump to v5.2.2-dev\n * Bump to v5.2.1\n * Update release notes for v5.2.1\n * [v5.2] Add zstd:chunked test fix\n * [v5.2] Bump Buildah to v1.37.1, c/common v0.60.1, c/image v5.32.1\n * libpod: reset state error on init\n * libpod: do not save expected stop errors in ctr state\n * libpod: fix broken saveContainerError()\n * Bump to v5.2.1-dev\n * Bump to v5.2.0\n * Never skip checkout step in release workflow\n * Bump to v5.2.0-dev\n * Bump to v5.2.0-rc3\n * Update release notes for v5.2.0-rc3\n * Tweak versions in register_images.go\n * fix network cleanup flake in play kube\n * WIP: Fixes for vendoring Buildah\n * Add --compat-volumes option to build and farm build\n * Bump Buildah, c/storage, c/image, c/common\n * libpod: bind ports before network setup\n * pkg/api: do not leak config pointers into specgen\n * build: Update gvisor-tap-vsock to 0.7.4\n * test/system: fix borken pasta interface name checks\n * test/system: fix bridge host.containers.internal test\n * CI: system tests: instrument to allow failure analysis\n * Use uploaded .zip for Windows action\n * RPM: podman-iptables.conf only on Fedora\n * Bump to v5.2.0-dev\n * Bump to v5.2.0-rc2\n * Update release notes for v5.2.0-rc2\n * test/e2e: fix ncat tests\n * libpod: add hidden env to set sqlite timeout\n * Add support for StopSignal in quadlet .container files\n * podman pod stats: fix race when ctr process exits\n * Update module github.com/vbauerster/mpb/v8 to v8.7.4\n * libpod: correctly capture healthcheck output\n * Bump bundled krunkit to 0.1.2\n * podman stats: fix race when ctr process exists\n * nc -p considered harmful\n * podman pod stats: fix pod rm race\n * podman ps: fix racy pod name query\n * system connection remove: use Args function to validate\n * pkg/machine/compression: skip decompress bar for empty file\n * nc -p considered harmful\n * podman system df: fix fix ErrNoSuchCtr/Volume race\n * podman auto-update: fix ErrNoSuchCtr race\n * Fix name for builder in farm connection\n * 700-play.bats: use unique pod/container/image/volume names\n * safename: consistent within same test, and, dashes\n * 700-kube.bats: refactor $PODMAN_TMPDIR/test.yaml\n * 700-play.bats: eliminate $testYaml\n * 700-play.bats: refactor clumsy yamlfile creation\n * 700-play.bats: move _write_test_yaml up near top\n * chore(deps): update dependency setuptools to v71\n * Expand drop-in search paths * top-level (pod.d) * truncated (unit-.container.d)\n * Remove references and checks for --gpus\n * Do not crash on invalid filters\n * fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.2.0\n * Bump to v5.2.0-dev\n * Bump to v5.2.0-rc1\n * Keep the volume-driver flag deprecated\n * Vendor in latest containers(common, storage,image, buildah)\n * System tests: safe container/image/volume/etc names\n * Implement disable default mounts via command line\n * test: drop unmount for overlay\n * test: gracefully terminate server\n * libpod: shutdown Stop waits for handlers completion\n * libpod: cleanup store at shutdown\n * Add NetworkAlias= support to quadlet\n * cmd: call shutdown handler stop function\n * fix race conditions in start/attach logic\n * swagger: exlude new docker network types\n * vendor: bump c/storage\n * update to docker 27\n * contrib: use a distinct --pull-option= for each flag\n * Update warning message when using external compose provider\n * Update module github.com/cyphar/filepath-securejoin to v0.3.0\n * Ignore result of EvalSymlinks on ENOENT\n * test/upgrade: fix tests when netavark uses nftables\n * test/system: fix network reload test with nftables\n * test/e2e: rework some --expose tests\n * test: remove publish tests from e2e\n * CI: test nftables driver on fedora\n * CI: use local registry, part 3 of 3: for developers\n * CI: use local registry, part 2 of 3: fix tests\n * CI: use local registry, part 1 of 3: setup\n * CI: test composefs on rawhide\n * chore(deps): update module google.golang.org/grpc to v1.64.1 [security]\n * chore(deps): update dependency setuptools to ~=70.3.0\n * Improve container filenname ambiguity.\n * containers/attach: Note bug around goroutine leak\n * Drop minikube CI test\n * add libkrun test docs\n * fix(deps): update module tags.cncf.io/container-device-interface to v0.8.0\n * cirrus: check for header files in source code check\n * pkg/machine/e2e: run debug command only for macos\n * create runtime\u0027s worker queue before queuing any job\n * test/system: fix pasta host.containers.internal test\n * Visual Studio BuildTools as a MinGW alternative\n * SetupRootless(): only reexec when needed\n * pkg/rootless: simplify reexec for container code\n * cirrus: add missing test/tools to danger files\n * fix(deps): update module golang.org/x/tools to v0.23.0\n * Windows Installer: switch to wix5\n * fix(deps): update module golang.org/x/net to v0.27.0\n * pkg/machine/e2e: print tests timings at the end\n * pkg/machine/e2e: run debug commands after init\n * pkg/machine/e2e: improve timeout handling\n * libpod: first delete container then cidfile\n * fix(deps): update module golang.org/x/term to v0.22.0\n * System test fixes\n * cirrus.yml: automatic skips based on source\n * fix(deps): update module github.com/containers/ocicrypt to v1.2.0\n * podman events: fix error race\n * chore(deps): update dependency setuptools to ~=70.2.0\n * fix(deps): update module github.com/gorilla/schema to v1.4.1 [security]\n * Update CI VM images\n * pkg/machine/e2e: fix broken cleanup\n * pkg/machine/e2e: use tmp file for connections\n * test/system: fix podman --image-volume to allow tmpfs storage\n * CI: mount tmpfs for container storage\n * docs: --network remove missing leading sentence\n * specgen: parse devices even with privileged set\n * vendor: update c/storage\n * Remove the unused machine volume-driver\n * feat(quadlet): log option handling\n * Error when machine memory exceeds system memory\n * machine: Always use --log-file with gvproxy\n * CI: Build-Each-Commit test: run only on PRs\n * Small fixes for testing libkrun\n * Podman machine resets all providers\n * Clearly indicate names w/ URLencoded duplicates\n * [skip-ci] Packit: split rhel and centos-stream jobs\n * apple virtiofs: fix racy mount setup\n * cirrus: fix broken macos artifacts URL\n * libpod/container_top_linux.c: fix missing header\n * refactor(build): improve err when file specified by -f does not exist\n * Minor: Remove unhelpful comment\n * Update module github.com/openshift/imagebuilder to v1.2.11\n * Minor: Rename the OSX Cross task\n * [skip-ci] Remove conditionals from changelog\n * podman top: join the container userns\n * Run linting in parallel with building\n * Fix missing Makefile target dependency\n * build API: accept platform comma separated\n * [skip-ci] RPM: create podman-machine subpackage\n * ExitWithError() - more upgrades from Exit()\n * test/e2e: remove podman system service tests\n * cirrus: reduce int tests timeout\n * cirrus: remove redundant skip logic\n * pkg/machine/apple: machine stop timeout\n * CI: logformatter: link to correct PR base\n * Update module github.com/crc-org/crc/v2 to v2.38.0\n * ExitWithError(): continued\n * test/system: Add test steps for journald log check in quadlet\n * restore: fix missing network setup\n * podman run use pod userns even with --pod-id-file\n * macos-installer: bundle krunkit\n * remote API: fix pod top error reporting\n * libpod API: return proper error status code for pod start\n * fix #22233\n * added check for `registry.IsRemote()`. and correct error message.\n * fix #20686\n * pkg/machine/e2e: Remove unnecessary copy of machine image.\n * libpod: intermediate mount if UID not mapped into the userns\n * libpod: avoid chowning the rundir to root in the userns\n * libpod: do not chmod bind mounts\n * libpod: unlock the thread if possible\n * CI Cleanup: Remove cgroups v1 support\n * ExitWithError() - more upgrades from Exit()\n * remote: fix incorrect CONTAINER_CONNECTION parsing\n * container: pass KillSignal and StopTimeout to the systemd scope\n * libpod: fix comment\n * e2e: test container restore in pod by name\n * docs: Adds all PushImage supported paramters to openapi docs.\n * systests: kube: bump up a timeout\n * cirrus.yml: add CI:ALL mode to force all tests\n * cirrus.yml: implement skips based on source changes\n * CI VMs: bump\n * restore: fix container restore into pod\n * sqlite_state: Fix RewriteVolumeConfig\n * chore(deps): update dependency setuptools to ~=70.1.0\n * Quadlet - use specifier for unescaped values for templated container name\n * cirrus: check for system test leaks in nightly\n * test/system: check for leaks in teardown suite\n * test/system: speed up basic_{setup,teardown}()\n * test/system: fix up many tests that do not cleanup\n * test/system: fix podman --authfile=nonexistent-path\n * Update module github.com/containernetworking/plugins to v1.5.1\n * Update module github.com/checkpoint-restore/checkpointctl to v1.2.1\n * Update module github.com/spf13/cobra to v1.8.1\n * Update module github.com/gorilla/schema to v1.4.0\n * pkg/machine/wsl: force terminate wsl instance\n * pkg/machine/wsl: wrap command errors\n * [CI:DOCS] Quadlet - add note about relative path resolution\n * CI: do not install python packages at runtime\n * Release workflow: Include candidate descriptor\n * Minor: Fix indentation in GHA release workflow\n * GHA: Send release notification mail\n * GHA: Validate release version number\n * Remove references to --pull=true and --pull=false\n * ExitWithError, continued\n * podman: add new hidden flag --pull-option\n * [CI:DOCS] Fix typos in podman-build\n * infra: mark storageSet when imagestore is changed\n * [CI:DOCS] Add jnovy as reviewer and approver\n * fix(deps): update module google.golang.org/protobuf to v1.34.2\n * refactor(machine,wsl): improve operations of Windows API\n * --squash --layers=false should be allowed\n * fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.2.0\n * update golangci-lint to v1.59.1\n * Rename master to main in CONTRIBUTING.md\n * podman 5, pasta and inter-container networking\n * libpod: do not resuse networking on start\n * machine/linux: Switch to virtiofs by default\n * machine/linux: Support virtiofs mounts (retain 9p default)\n * machine/linux: Use memory-backend-memfd by default\n * ExitWithError() - continued\n * Enable libkrun provider to open a debug console\n * Add new targets on Windows makefile (winmake.ps1)\n * fix(deps): update module github.com/docker/docker to v26.1.4+incompatible\n * fix(deps): update module github.com/crc-org/crc/v2 to v2.37.1\n * fix(deps): update module golang.org/x/tools to v0.22.0\n * fix(deps): update module golang.org/x/net to v0.26.0\n * libpod: fix \u0027podman kube generate\u0027 on FreeBSD\n * fix(deps): update module golang.org/x/sys to v0.21.0\n * libpod: do not leak systemd hc startup unit timer\n * vendor latest c/common\n * pkg/rootless: set _CONTAINERS_USERNS_CONFIGURED correctly\n * run bats -T, to profile timing hogs\n * test/system: speed up podman ps --external\n * test/system: speed up podman network connect/disconnect\n * test/system: speed up podman network reload\n * test/system: speed up quadlet - pod simple\n * test/system: speed up podman parallel build should not race\n * test/system: speed up podman cp dir from host to container\n * test/system: speed up podman build - workdir, cmd, env, label\n * test/system: speed up podman --log-level recognizes log levels\n * test/system: remove obsolete debug in net connect/disconnect test\n * test/system: speed up quadlet - basic\n * test/system: speed up user namespace preserved root ownership\n * System tests: add `podman system check` tests\n * Add `podman system check` for checking storage consistency\n * fix(deps): update module github.com/crc-org/crc/v2 to v2.37.0\n * fix(libpod): add newline character to the end of container\u0027s hostname file\n * fix(deps): update module github.com/openshift/imagebuilder to v1.2.10\n * fix(deps): update github.com/containers/image/v5 digest to aa93504\n * Fix 5.1 release note re: runlabel\n * test/e2e: use local skopeo not image\n * fix(deps): update golang.org/x/exp digest to fd00a4e\n * [CI:DOCS] Add contrib/podmanimage/stable path back in repo\n * chore(deps): update dependency requests to ~=2.32.3\n * fix(deps): update github.com/containers/image/v5 digest to 2343e81\n * libpod: do not move podman with --cgroups=disabled\n * Update release notes on Main to v5.1.0\n * test: look at the file base name\n * tests: simplify expected output\n * Sigh, new VMs again\n * Fail earlier when no containers exist in stats\n * Add Hyper-V option in windows installer\n * libpod: cleanup default cache on system reset\n * vendor: update c/image\n * test/system: speed up kube generate tmpfs on /tmp\n * test/system: speed up podman kube play tests\n * test/system: speed up podman shell completion test\n * test/system: simplify test signal handling in containers\n * test/system: speed up podman container rm ...\n * test/system: speed up podman ps - basic tests\n * test/system: speed up read-only from containers.conf\n * test/system: speed up podman logs - multi ...\n * test/system: speed up podman run --name\n * Debian: switch to crun\n * test/system: speed up podman generate systemd - envar\n * test/system: speed up podman-kube@.service template\n * test/system: speed up kube play healthcheck initialDelaySeconds\n * test/system: speed up exit-code propagation test\n * test/system: speed up \"podman run --timeout\"\n * test/system: fix slow kube play --wait with siginterrupt\n * undo auto-formatting\n * test/system: speed up podman events tests\n * Quadlet: Add support for .build files\n * test/system: speed up \"podman auto-update using systemd\"\n * test/system: remove podman wait test\n * tests: disable tests affected by a race condition\n * update golangci-lint to v1.59.0\n * kubernetes_support.md: Mark volumeMounts.subPath as supported\n * working name of pod on start and stop\n * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.0\n * Bump Buildah to v1.36.0\n * fix(deps): update module github.com/burntsushi/toml to v1.4.0\n * fix typo in Tutorials.rst\n * Mac PM test: Require pre-installed rosetta\n * test/e2e: fix new error message\n * Add configuration for podmansh\n * Update containers/common to latest main\n * Only stop chowning volumes once they\u0027re not empty\n * podman: fix --sdnotify=healthy with --rm\n * libpod: wait another interval for healthcheck\n * quadlet: Add a network requirement on .image units\n * test, pasta: Ignore deprecated addresses in tests\n * [CI:DOCS] performance: update network docs\n * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0\n * CI: disable minikube task\n * [CI:DOCS] Fix windows action trigger\n * chore(deps): update dependency setuptools to v70\n * Check AppleHypervisor before accessing it\n * fix(deps): update module github.com/containernetworking/plugins to v1.5.0\n * [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.2\n * add podman-clean-transient.service service to rootless\n * [CI:DOCS] Update podman network docs\n * fix incorrect host.containers.internal entry for rootless bridge mode\n * vendor latest c/common main\n * Add Rosetta support for Apple Silicon mac\n * bump main to 5.2.0-dev\n * Use a defined constant instead of a hard-coded magic value\n * cirrus: use faster VM\u0027s for integration tests\n * fix(deps): update github.com/containers/gvisor-tap-vsock digest to 01a1a0c\n * [CI:DOCS] Fix Mac pkg link\n * test: remove test_podman* scripts\n * test/system: fix documentation\n * Return StatusNotFound when multiple volumes matching occurs\n * container_api: do not wait for healtchecks if stopped\n * libpod: wait for healthy on main thread\n * `podman events`: check for an error after we finish reading events\n * remote API: restore v4 payload in container inspect\n * Fix updating connection when SSH port conflict happens\n * rootless: fix reexec to use /proc/self/exe\n * ExitWithError() - enforce required exit status \u0026 stderr\n * ExitWithError() - a few that I missed\n * [skip-ci] Packit: use only one value for `packages` key for `trigger: commit` copr builds\n * Revert \"Temporarily disable rootless debian e2e testing\"\n * CI tests: enforce TMPDIR on tmpfs\n * use new CI images with tmpfs /tmp\n * run e2e test on tmpfs\n * Update module github.com/crc-org/crc/v2 to v2.36.0\n * [CI:DOCS] Use checkout@v4 in GH Actions\n * ExitWithError() - rmi_test\n * ExitWithError() - more r files\n * ExitWithError() - s files\n * ExitWithError() - more run_xxx tests\n * Fix podman-remote support for `podman farm build`\n * [CI:DOCS] Trigger windows installer action properly\n * Revert \"container stop: kill conmon\"\n * Ensure that containers do not get stuck in stopping\n * [CI:DOCS] Improvements to make validatepr\n * ExitWithError() - rest of the p files\n * [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.1\n * Graceful shutdown during podman kube down\n * Remove duplicate call\n * test/system: fix broken \"podman volume globs\" test\n * Quadlet/Container: Add GroupAdd option\n * Don\u0027t panic if a runtime was configured without paths\n * update c/{buildah,common,image,storage} to latest main\n * update golangci-lint to 1.58\n * machine: Add LibKrun provider detection\n * ExitWithError() - continue tightening\n * fix(deps): update module google.golang.org/protobuf to v1.34.1\n * test: improve test for powercap presence\n * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3\n * fix(deps): update module go.etcd.io/bbolt to v1.3.10\n * fix(deps): update module golang.org/x/tools to v0.21.0\n * [skip-ci] RPM: `bats` required only on Fedora\n * fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842\n * gpdate and remove parameter settings in `.golangci.yml`\n * ExitWithError() - play_kube_test.go\n * Temporarily disable rootless debian e2e testing\n * fix(deps): update module golang.org/x/crypto to v0.23.0\n * CI Docs: Clarify passthrough_envars() comments\n * Skip machine tests if they don\u0027t need to be run\n * Update CI VMs to F40, F39, D13\n * ExitWithError() - v files\n * Update module golang.org/x/term to v0.20.0\n * machine: Add provider detection API\n * util: specify a not empty pause dir for root too\n * Add missing option \u0027healthy\u0027 to output of `podman run --help`\n * [CI:DOCS] Add info on the quay.io images to the README.md\n * Add a random suffix to healthcheck unit names\n * test/e2e: remove toolbox image\n * Also substitute $HOME in runlabel with user\u0027s homedir\n * Update module github.com/cyphar/filepath-securejoin to v0.2.5\n * Change tmpDir for macOS\n * ExitWithError() - pod_xxx tests\n * ExitWithError() -- run_test.go\n * Update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f\n * Update module github.com/shirou/gopsutil/v3 to v3.24.4\n * Update module github.com/docker/docker to v26.1.1+incompatible\n * GHA: Attempt fix exceeded a secondary rate limit\n * vendor ginkgo 2.17.2 into test/tools\n * Fix machine volumes with long path and paths with dashes\n * Update module google.golang.org/protobuf to v1.34.0\n * Update module github.com/crc-org/crc/v2 to v2.35.0\n * Update module github.com/onsi/gomega to v1.33.1\n * test/e2e: podman unshare image mount fix tmpdir leak\n * test/e2e: do not leak /tmp/private_file\n * test/e2e: \"persistentVolumeClaim with source\" do not leak file\n * e2e tests: use /var/tmp, not $TMPDIR, as workdirs\n * Update dependency pytest to v8.1.2\n * Remove unncessary lines at the end of specfile summary\n * Clean machine pull cache\n * Add krun support to podman machine\n * Use custom image for make validatepr\n * test/e2e: force systemd cgroup manager\n * e2e and bindings tests: fix $PATH setup\n * Makefile: remove useless HACK variable in e2e test\n * test/e2e: fix volumes and suid/dev/exec options\n * test/e2e: volumes and suid/dev/exec options works remote\n * test/e2e: fix limits test\n * Update module github.com/rootless-containers/rootlesskit/v2 to v2.1.0\n * Correct option name `ip` -\u003e `ip6`\n * Add the ability to automount images as volumes via play\n * Add support for image volume subpaths\n * Bump Buildah to latest main\n * Update Makefile to Go 1.22 for in-container\n * ExitWithError() - yet more low-hanging fruit\n * ExitWithError() - more low-hanging fruit\n * ExitWithError() - low-hanging fruit\n * chore: fix function names in comment\n * Remove redundant Prerequisite before build section\n * Remove PKG_CONFIG_PATH\n * Add installation instructions for openSUSE\n * Replace golang.org/x/exp/slices with slices from std\n * Update to go 1.21\n * fix(deps): update module github.com/docker/docker to v26.1.0+incompatible\n * [CI:DOCS] Fix artifact action\n * [skip-ci] Packit/rpm: remove el8 jobs and spec conditionals\n * e2e tests: stop littering\n * [CI:DOCS] format podman-pull example as code\n * [CI:DOCS] Build \u0026 upload release artifacts with GitHub Actions\n * libpod: getHealthCheckLog() remove unessesary check\n * add containers.conf healthcheck_events support\n * vendor latest c/common\n * libpod: make healthcheck events more efficient\n * libpod: wrap store setup error message\n * [skip-ci] Packit: enable CentOS 10 Stream build jobs\n * pkg/systemd: use fileutils.(Le|E)xists\n * pkg/bindings: use fileutils.(Le|E)xists\n * pkg/util: use fileutils.(Le|E)xists\n * pkg/trust: use fileutils.(Le|E)xists\n * pkg/specgen: use fileutils.(Le|E)xists\n * pkg/rootless: use fileutils.(Le|E)xists\n * pkg/machine: use fileutils.(Le|E)xists\n * pkg/domain: use fileutils.(Le|E)xists\n * pkg/api: use fileutils.(Le|E)xists\n * libpod: use fileutils.(Le|E)xists\n * cmd: use fileutils.(Le|E)xists\n * vendor: update containers/{buildah,common,image,storage}\n * fix(deps): update module github.com/docker/docker to v26.0.2+incompatible [security]\n * fix podman-pod-restart.1.md typo\n * [skip-ci] Packit: switch to EPEL instead of centos-stream+epel-next\n * fix(deps): update module github.com/onsi/gomega to v1.33.0\n * Add more annnotation information to podman kupe play man page\n * test/compose: remove compose v1 code\n * CI: remove compose v1 tests\n * fix: close resource file\n * [CI:DOCS] Fix windows installer action\n * fix(deps): update module tags.cncf.io/container-device-interface to v0.7.2\n * add `list` as an alias to list networks\n * Add support for updating restart policy\n * Add Compat API for Update\n * Make `podman update` changes persistent\n * Emergency fix (well, skip) for failing bud tests\n * fix swagger doc for manifest create\n * [CI:DOCS] options/network: fix markdown lists\n * Makefile: do not hardcode `GOOS` in `podman-remote-static` target\n * chore(deps): update module golang.org/x/crypto to v0.17.0 [security]\n * chore(deps): update dependency setuptools to ~=69.5.0\n * Fix some comments\n * swagger fix infinitive recursion on some types\n * install swagger from source\n * Revert \"Swap out javascript engine\"\n * podman exec CID without command should exit 125\n * (minor) prefetch systemd image before use\n * Update go-swagger version\n * Swap out javascript engine\n * fix(deps): update module github.com/docker/docker to v26.0.1+incompatible\n * Add os, arch, and ismanifest to libpod image list\n * [CI:DOCS]Initial PR validation\n * fix(deps): update github.com/containers/gvisor-tap-vsock digest to d744d71\n * vendor ginkgo 2.17.1 into test/tools\n * fix \"concurrent map writes\" in network ls compat endpoint\n * chore(deps): update dependency pytest to v8\n * e2e: redefine ExitWithError() to require exit code\n * docs: fix missleading run/create --expose description\n * podman ps: show exposed ports under PORTS as well\n * rootless: drop function ReadMappingsProc\n * fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.3\n * New CI VMs, to give us pasta 2024-04-05\n * Add big warning to GHA workflow\n * GHA: Fix intermittent workflow error\n * fix(deps): update module golang.org/x/tools to v0.20.0\n * e2e tests: remove requirement for fuse-overlayfs\n * docs: update Quadlet volume Options desc\n * fix(deps): update module golang.org/x/sync to v0.7.0\n * Fix relabeling failures with Z/z volumes on Mac\n * fix(deps): update module golang.org/x/net to v0.24.0\n * Makefile: fix annoying errors in docs generation\n * chore: fix function names in comment\n * Bump tags.cncf.io/container-device-interface to v0.7.1\n * fix(deps): update module golang.org/x/crypto to v0.22.0\n * Detect unhandled reboots and require user intervention\n * podman --runroot: remove 50 char length restriction\n * update github.com/rootless-containers/rootlesskit to v2\n * Update module github.com/gorilla/schema to v1.3.0\n * Update dependency requests-mock to ~=1.12.1\n * Update module github.com/crc-org/crc/v2 to v2.34.1\n * rm --force work for more than one arg\n * [CI:DOCS] Update kube docs\n * fix(deps): update module github.com/shirou/gopsutil/v3 to v3.24.3\n * [CI:DOCS] Add GitHub action to update version on Podman.io\n * [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.2\n * Windows: clean up temporary perl install\n * pkg/util: FindDeviceNodes() ignore ENOENT errors\n * [CI:DOCS] build deps: make-validate needs docs\n * test/system: add rootless-netns test for setup errors\n * vendor latest c/common main\n * container: do not chown to dest target with U\n * [CI:DOCS] golangci-lint: update deprecated flags\n * systests: conditionalize slirp4netns tests\n * CI: systests: instrument flaky tests\n * s3fs docs\n * test: do not skip tests under rootless\n * Add note about host networking to Kube PublishPort option\n * Inject additional build tags from the environment\n * libpod: use original IDs if idmap is provided\n * Switch back to checking out the same branch the action script runs in\n * docs/podman-login: Give an example of writing the persistent path\n * CI: Bump VMs to 2024-03-28\n * [skip-ci] Update dawidd6/action-send-mail action to v3.12.0\n * fix(deps): update module github.com/openshift/imagebuilder to v1.2.7\n * Fix reference to deprecated types.Info\n * Use logformatter for podman_machine_windows_task\n * applehv: Print vfkit logs in --log-level debug\n * [CI:DOCS]Add Mario to reviewers list\n * [CI:DOCS] Document CI-maintenance job addition\n * Add golang 1.21 update warning\n * Add rootless network command to `podman info`\n * libpod: don\u0027t warn about cgroupsv1 on FreeBSD\n * hyperv: error if not admin\n * Properly parse stderr when updating container status\n * [skip-ci] Packit: specify fedora-latest in propose-downstream\n * Use built-in ssh impl for all non-pty operations\n * Add support for annotations\n * hyperv: fix machine rm -r\n * [skip-ci] Packit: Enable CentOS Stream 10 update job\n * 5.0 release note fix typo in cgroupv1 env var\n * fix remote build isolation on client side\n * chore: remove repetitive words\n * Dont save remote context in temp file but stream and extract\n * fix remote build isolation when server runs as root\n * util: use private propagation with bind\n * util: add some tests for ProcessOptions\n * util: refactor ProcessOptions into an internal function\n * util: rename files to snake case\n * Add LoongArch support for libpod\n * fix(deps): update github.com/containers/common digest to bc5f97c\n * [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.1\n * fix(deps): update module github.com/docker/docker to v25.0.5+incompatible [security]\n * fix(deps): update module github.com/onsi/gomega to v1.32.0\n * [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.0\n * Update module github.com/cpuguy83/go-md2man/v2 to v2.0.4\n * Fix type-o\n * Use correct extension in suite\n * minikube: instrument tests, to allow debugging failures\n * libpod: restart always reconfigure the netns\n * use new c/common pasta2 setup logic to fix dns\n * utils: drop conversion float-\u003estring-\u003efloat\n * utils: do not generate duplicate range\n * logformatter: handle Windows logs\n * utils: add test for the new function\n * utils: move rootless code to a new function\n * xref-helpmsgs-manpages: cross-check Commands.rst\n * test/system: Add support for multipath routes in pasta networking tests\n * [skip-ci] rpm: use macro supported vendoring\n * Adjust to the standard location of gvforwarder used in new images\n * Makefile: add target `podman-remote-static`\n * Switch to 5.x WSL machine os stream using new automation\n * Cleanup build scratch dir if remote end disconnects while passing the context\n * bump main to 5.1.0-dev\n * Use faster gzip for compression for 3x speedup for sending large contexts to remote\n * pkg/machine: make checkExclusiveActiveVM race free\n * pkg/machine/wsl: remove unused CheckExclusiveActiveVM()\n * pkg/machine: CheckExclusiveActiveVM should also check for starting\n * pkg/machine: refresh config after we hold lock\n * Update dependency setuptools to ~=69.2.0\n * [skip-ci] rpm: update containers-common dep on f40+\n * fix invalid HTTP header values when hijacking a connection\n * Add doc to build podman on windows without MSYS\n * Removing CRI-O related annotations\n * fix(deps): update module github.com/containers/ocicrypt to v1.1.10\n * Pass the restart policy to the individual containers\n * kube play: always pull when both imagePullPolicy and tag are missing\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-76",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20279-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20279-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520279-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20279-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021043.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221677",
"url": "https://bugzilla.suse.com/1221677"
},
{
"category": "self",
"summary": "SUSE Bug 1224112",
"url": "https://bugzilla.suse.com/1224112"
},
{
"category": "self",
"summary": "SUSE Bug 1231208",
"url": "https://bugzilla.suse.com/1231208"
},
{
"category": "self",
"summary": "SUSE Bug 1236270",
"url": "https://bugzilla.suse.com/1236270"
},
{
"category": "self",
"summary": "SUSE Bug 1236507",
"url": "https://bugzilla.suse.com/1236507"
},
{
"category": "self",
"summary": "SUSE Bug 1237641",
"url": "https://bugzilla.suse.com/1237641"
},
{
"category": "self",
"summary": "SUSE Bug 1239330",
"url": "https://bugzilla.suse.com/1239330"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-1753 page",
"url": "https://www.suse.com/security/cve/CVE-2024-1753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-3727 page",
"url": "https://www.suse.com/security/cve/CVE-2024-3727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27144/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-04-22T13:50:31Z",
"generator": {
"date": "2025-04-22T13:50:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20279-1",
"initial_release_date": "2025-04-22T13:50:31Z",
"revision_history": [
{
"date": "2025-04-22T13:50:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-5.2.5-slfo.1.1_1.1.aarch64",
"product": {
"name": "podman-5.2.5-slfo.1.1_1.1.aarch64",
"product_id": "podman-5.2.5-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"product": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"product_id": "podman-remote-5.2.5-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"product": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"product_id": "podmansh-5.2.5-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"product": {
"name": "podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"product_id": "podman-docker-5.2.5-slfo.1.1_1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.2.5-slfo.1.1_1.1.ppc64le",
"product": {
"name": "podman-5.2.5-slfo.1.1_1.1.ppc64le",
"product_id": "podman-5.2.5-slfo.1.1_1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"product": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"product_id": "podman-remote-5.2.5-slfo.1.1_1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"product": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"product_id": "podmansh-5.2.5-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.2.5-slfo.1.1_1.1.s390x",
"product": {
"name": "podman-5.2.5-slfo.1.1_1.1.s390x",
"product_id": "podman-5.2.5-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"product": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"product_id": "podman-remote-5.2.5-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-5.2.5-slfo.1.1_1.1.s390x",
"product": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.s390x",
"product_id": "podmansh-5.2.5-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.2.5-slfo.1.1_1.1.x86_64",
"product": {
"name": "podman-5.2.5-slfo.1.1_1.1.x86_64",
"product_id": "podman-5.2.5-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"product": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"product_id": "podman-remote-5.2.5-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-5.2.5-slfo.1.1_1.1.x86_64",
"product": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.x86_64",
"product_id": "podmansh-5.2.5-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.2.5-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64"
},
"product_reference": "podman-5.2.5-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.2.5-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le"
},
"product_reference": "podman-5.2.5-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.2.5-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x"
},
"product_reference": "podman-5.2.5-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.2.5-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64"
},
"product_reference": "podman-5.2.5-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5.2.5-slfo.1.1_1.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch"
},
"product_reference": "podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64"
},
"product_reference": "podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le"
},
"product_reference": "podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x"
},
"product_reference": "podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.2.5-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64"
},
"product_reference": "podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64"
},
"product_reference": "podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le"
},
"product_reference": "podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x"
},
"product_reference": "podmansh-5.2.5-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.2.5-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
},
"product_reference": "podmansh-5.2.5-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2024-11218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11218"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11218",
"url": "https://www.suse.com/security/cve/CVE-2024-11218"
},
{
"category": "external",
"summary": "SUSE Bug 1236269 for CVE-2024-11218",
"url": "https://bugzilla.suse.com/1236269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "important"
}
],
"title": "CVE-2024-11218"
},
{
"cve": "CVE-2024-1753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-1753"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-1753",
"url": "https://www.suse.com/security/cve/CVE-2024-1753"
},
{
"category": "external",
"summary": "SUSE Bug 1221677 for CVE-2024-1753",
"url": "https://bugzilla.suse.com/1221677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "important"
}
],
"title": "CVE-2024-1753"
},
{
"cve": "CVE-2024-3727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-3727"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-3727",
"url": "https://www.suse.com/security/cve/CVE-2024-3727"
},
{
"category": "external",
"summary": "SUSE Bug 1224112 for CVE-2024-3727",
"url": "https://bugzilla.suse.com/1224112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "important"
}
],
"title": "CVE-2024-3727"
},
{
"cve": "CVE-2024-9407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9407"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9407",
"url": "https://www.suse.com/security/cve/CVE-2024-9407"
},
{
"category": "external",
"summary": "SUSE Bug 1231208 for CVE-2024-9407",
"url": "https://bugzilla.suse.com/1231208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-9407"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27144"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27144",
"url": "https://www.suse.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1237608 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237608"
},
{
"category": "external",
"summary": "SUSE Bug 1237609 for CVE-2025-27144",
"url": "https://bugzilla.suse.com/1237609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.2.5-slfo.1.1_1.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.2.5-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.2.5-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-22T13:50:31Z",
"details": "important"
}
],
"title": "CVE-2025-27144"
}
]
}
WID-SEC-W-2025-0253
Vulnerability from csaf_certbund - Published: 2025-02-03 23:00 - Updated: 2025-06-03 22:00Summary
Red Hat Enterprise Linux (Podman und Buildah): Schwachstelle ermöglicht Manipulation von Dateien
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff: Ein lokaler Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Dateien zu manipulieren.
Betroffene Betriebssysteme: - UNIX
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM QRadar SIEM <7.5.0 UP11 IF04
IBM / QRadar SIEM
|
<7.5.0 UP11 IF04 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.8
Red Hat / OpenShift
|
Container Platform <4.18.8 | ||
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
Red Hat OpenShift OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
OpenShift Container Platform <4.13.56 | ||
|
Red Hat OpenShift Container Platform <4.14.48
Red Hat / OpenShift
|
Container Platform <4.14.48 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 | ||
|
Red Hat OpenShift Container Platform <4.17.15
Red Hat / OpenShift
|
Container Platform <4.17.15 |
References
39 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0253 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0253.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0253 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0253"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2025-02-03",
"url": "https://access.redhat.com/errata/RHSA-2025:0923"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2025-02-03",
"url": "https://access.redhat.com/errata/RHSA-2025:0922"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0922 vom 2025-02-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-0922.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0923 vom 2025-02-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-0923.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0878 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:0878"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0382-1 vom 2025-02-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020287.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1186 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1186"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1187 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1188 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1188"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1189 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1189"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1207 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1207"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0830 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:0830"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1275 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1275"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1295 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1295"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1296 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1296"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1372 vom 2025-02-13",
"url": "https://access.redhat.com/errata/RHSA-2025:1372"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1372 vom 2025-02-13",
"url": "https://linux.oracle.com/errata/ELSA-2025-1372.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1453 vom 2025-02-19",
"url": "https://access.redhat.com/errata/RHSA-2025:1453"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1713 vom 2025-02-27",
"url": "https://access.redhat.com/errata/RHSA-2025:1713"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1707 vom 2025-02-27",
"url": "https://access.redhat.com/errata/RHSA-2025:1707"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0775-1 vom 2025-03-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/53Q2PYLB4BSUFBRQID4W35MJNATOYBL5/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1908 vom 2025-03-04",
"url": "https://access.redhat.com/errata/RHSA-2025:1908"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1910 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1910"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1912 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1912"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1914 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1914"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2454 vom 2025-03-13",
"url": "https://access.redhat.com/errata/RHSA-2025:2456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2454 vom 2025-03-13",
"url": "https://access.redhat.com/errata/RHSA-2025:2454"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2443 vom 2025-03-13",
"url": "https://access.redhat.com/errata/RHSA-2025:2443"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2710 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2710"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2712 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2712"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2701 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2701"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2703 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2703"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3577 vom 2025-04-10",
"url": "https://access.redhat.com/errata/RHSA-2025:3577"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3798 vom 2025-04-16",
"url": "https://access.redhat.com/errata/RHSA-2025:3798"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7231915 vom 2025-04-26",
"url": "https://www.ibm.com/support/pages/node/7231915"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20279-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021043.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20143-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021194.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (Podman und Buildah): Schwachstelle erm\u00f6glicht Manipulation von Dateien",
"tracking": {
"current_release_date": "2025-06-03T22:00:00.000+00:00",
"generator": {
"date": "2025-06-04T10:24:22.469+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0253",
"initial_release_date": "2025-02-03T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-03T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-05T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-12T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-19T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-04T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-03-12T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-16T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP11 IF04",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF04",
"product_id": "T043169"
}
},
{
"category": "product_version",
"name": "7.5.0 UP11 IF04",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP11 IF04",
"product_id": "T043169-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if04"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Red Hat Enterprise Linux 9",
"product_id": "T040750",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.15",
"product_id": "T040819"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.15",
"product_id": "T040819-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.15"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.48",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.48",
"product_id": "T041269"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.48",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.48",
"product_id": "T041269-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.48"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.56",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.56",
"product_id": "T042009"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.56",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.56",
"product_id": "T042009-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.56"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.49",
"product_id": "T042010"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.49",
"product_id": "T042010-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.49"
}
}
},
{
"category": "product_version_range",
"name": "OpenShift Container Platform \u003c4.13.56",
"product": {
"name": "Red Hat OpenShift OpenShift Container Platform \u003c4.13.56",
"product_id": "T042040"
}
},
{
"category": "product_version",
"name": "OpenShift Container Platform 4.13.56",
"product": {
"name": "Red Hat OpenShift OpenShift Container Platform 4.13.56",
"product_id": "T042040-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:openshift_container_platform__4.13.56"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.8",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.8",
"product_id": "T042744"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.8",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.8",
"product_id": "T042744-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.8"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11218",
"product_status": {
"known_affected": [
"T043169",
"T002207",
"67646",
"T042744",
"T042009",
"T042040",
"T041269",
"T004914",
"T040750",
"T042010",
"T040819"
]
},
"release_date": "2025-02-03T23:00:00.000+00:00",
"title": "CVE-2024-11218"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…