{"schema_version": "1.3.1", "id": "RLSA-2024:0752", "modified": "2024-02-12T20:19:03.131302Z", "published": "2024-02-12T20:17:26.918627Z", "related": ["CVE-2024-21626"], "summary": "Important: container-tools:rhel8 security update", "details": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* runc: file descriptor leak (CVE-2024-21626)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "aardvark-dns", "purl": "pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:1.7.0-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "buildah", "purl": "pkg:rpm/rocky-linux/buildah?distro=rocky-linux-8&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:1.31.3-3.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "cockpit-podman", "purl": "pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:75-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "conmon", "purl": "pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "3:2.1.8-1.module+el8.9.0+1444+82dcc378"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "containernetworking-plugins", "purl": "pkg:rpm/rocky-linux/containernetworking-plugins?distro=rocky-linux-8&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:1.3.0-8.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "containers-common", "purl": "pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:1-71.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "container-selinux", "purl": "pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:2.221.0-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "criu", "purl": "pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.18-4.module+el8.9.0+1420+91577025"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "crun", "purl": "pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.8.7-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "fuse-overlayfs", "purl": "pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.12-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "libslirp", "purl": "pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.4.0-1.module+el8.9.0+1420+91577025"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "netavark", "purl": "pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:1.7.0-2.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "oci-seccomp-bpf-hook", "purl": "pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.2.9-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "podman", "purl": "pkg:rpm/rocky-linux/podman?distro=rocky-linux-8&epoch=3"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "3:4.6.1-8.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-podman", "purl": "pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.6.0-2.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "runc", "purl": "pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:1.1.12-1.module+el8.9.0+1702+822f0675"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "skopeo", "purl": "pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:1.13.3-3.module+el8.9.0+1703+29de406e"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "slirp4netns", "purl": "pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.2.1-1.module+el8.9.0+1580+e76741f0"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "toolbox", "purl": "pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.0.99.4-5.module+el8.9.0+1445+07728297"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "udica", "purl": "pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.2.6-20.module+el8.9.0+1420+91577025"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2024:0752"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258725"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}