Lucene search
OracleLinuxELSA-2024-6194HistorySep 03, 2024 - 12:00 a.m.
podman security update
2024-09-0300:00:00
linux.oracle.com
podman
security update
fixes
execvp error
remote build
device addition
compression
overlay
resolves rhel-53250
resolves rhel-50507
resolves rhel-45916
resolves rhel-40804
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
[4.9.4-10.0.1]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36073625]
- Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655]
- Add devices on container startup, not on creation
- Backport fast gzip for compression [Orabug: 36420418]
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[4:4.9.4-10] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/6b45bb1) - Resolves: RHEL-53250
[4:4.9.4-9] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/1a2d8e3) - Resolves: RHEL-50507
[4:4.9.4-8] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/affa589) - Resolves: RHEL-45916
[4:4.9.4-7] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/8fa0c76) - Resolves: RHEL-40804
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | podman | < 4.9.4-10.0.1.el9_4 | podman-4.9.4-10.0.1.el9_4.src.rpm |
| oracle linux | 9 | aarch64 | podman | < 4.9.4-10.0.1.el9_4 | podman-4.9.4-10.0.1.el9_4.aarch64.rpm |
| oracle linux | 9 | noarch | podman-docker | < 4.9.4-10.0.1.el9_4 | podman-docker-4.9.4-10.0.1.el9_4.noarch.rpm |
| oracle linux | 9 | aarch64 | podman-plugins | < 4.9.4-10.0.1.el9_4 | podman-plugins-4.9.4-10.0.1.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | podman-remote | < 4.9.4-10.0.1.el9_4 | podman-remote-4.9.4-10.0.1.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | podman-tests | < 4.9.4-10.0.1.el9_4 | podman-tests-4.9.4-10.0.1.el9_4.aarch64.rpm |
| oracle linux | 9 | src | podman | < 4.9.4-10.0.1.el9_4 | podman-4.9.4-10.0.1.el9_4.src.rpm |
| oracle linux | 9 | x86_64 | podman | < 4.9.4-10.0.1.el9_4 | podman-4.9.4-10.0.1.el9_4.x86_64.rpm |
| oracle linux | 9 | noarch | podman-docker | < 4.9.4-10.0.1.el9_4 | podman-docker-4.9.4-10.0.1.el9_4.noarch.rpm |
| oracle linux | 9 | x86_64 | podman-plugins | < 4.9.4-10.0.1.el9_4 | podman-plugins-4.9.4-10.0.1.el9_4.x86_64.rpm |
Related
almalinux
almalinux
Important: podman security update
2024-09-03 00:00:00
Important: container-tools:rhel8 security update
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:6194) Important: podman security update
2024-09-03 05:31:21
osv
osv
Important: podman security update
2024-09-03 00:00:00
Potential memory exhaustion attack due to sparse slice deserialization
2024-07-01 20:35:12
CGA-8x9p-h548-675r
2024-07-15 21:54:58
nessus
nessus
RHEL 9 : podman (RHSA-2024:6194)
2024-09-03 00:00:00
Oracle Linux 9 : podman (ELSA-2024-6194)
2024-09-03 00:00:00
AlmaLinux 9 : podman (ALSA-2024:6194)
2024-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2024-37298
2024-07-01 00:00:00
cve
cve
CVE-2024-37298
2024-07-01 19:15:04
CVE-2024-6104
2024-06-24 17:15:11
wolfi
wolfi
CVE-2024-37298 vulnerabilities
2024-09-19 09:11:50
CVE-2024-6104 vulnerabilities
2024-09-19 09:11:50
cvelist
cvelist
nvd
nvd
CVE-2024-37298
2024-07-01 19:15:04
CVE-2024-6104
2024-06-24 17:15:11
cbl_mariner
cbl_mariner
oraclelinux
oraclelinux
container-tools:ol8 security update
2024-08-13 00:00:00
vulnrichment
vulnrichment
debiancve
debiancve
CVE-2024-37298
2024-07-01 19:15:04
CVE-2024-6104
2024-06-24 17:15:11
redhatcve
redhatcve
CVE-2024-37298
2024-07-02 15:56:45
CVE-2024-6104
2024-06-24 21:50:10
github
github
Potential memory exhaustion attack due to sparse slice deserialization
2024-07-01 20:35:12
go-retryablehttp can leak basic auth credentials to log files
2024-06-24 18:31:37
veracode
veracode
Denial Of Service (DoS)
2024-07-02 06:16:54
Information Disclosure
2024-06-25 05:18:18
rocky
rocky
container-tools:rhel8 security update
2024-08-21 14:52:31
openvas
openvas
openSUSE: Security Advisory for podman (SUSE-SU-2024:2273-1)
2024-07-10 00:00:00
openSUSE: Security Advisory for podman (SUSE-SU-2024:2286-1)
2024-07-10 00:00:00
redos
redos
ROS-20240902-12
2024-09-02 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
Related for ELSA-2024-6194