[Apollo] Advisories Statistics light light Login

RLSA-2025:1372

Security Mirrored from RHSA-2025:1372
Issued at: 2025-02-13
Updated at: 2025-02-13

Synopsis

Important: container-tools:rhel8 security update



Description

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (CVE-2024-11218)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2326231

CVEs

CVE-2024-11218

Affected packages

Rocky Linux 8 aarch64 - AppStream

aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.aarch64.rpm aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.src.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm python3-podman-0:4.9.0-3.module+el8.10.0+1896+b18fa106.noarch.rpm python-podman-0:4.9.0-3.module+el8.10.0+1896+b18fa106.src.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm buildah-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.aarch64.rpm buildah-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.src.rpm buildah-debuginfo-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.aarch64.rpm buildah-debugsource-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.aarch64.rpm buildah-tests-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.aarch64.rpm buildah-tests-debuginfo-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.src.rpm podman-catatonit-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-catatonit-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-debugsource-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-docker-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.noarch.rpm podman-gvproxy-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-gvproxy-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-plugins-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-plugins-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-remote-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-remote-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm podman-tests-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.aarch64.rpm runc-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.aarch64.rpm runc-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.src.rpm runc-debuginfo-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.aarch64.rpm runc-debugsource-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.src.rpm aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.x86_64.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.x86_64.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm python3-podman-0:4.9.0-3.module+el8.10.0+1896+b18fa106.noarch.rpm python-podman-0:4.9.0-3.module+el8.10.0+1896+b18fa106.src.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm buildah-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.src.rpm buildah-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.x86_64.rpm buildah-debuginfo-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.x86_64.rpm buildah-debugsource-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.x86_64.rpm buildah-tests-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.x86_64.rpm buildah-tests-debuginfo-2:1.33.12-1.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.src.rpm podman-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-catatonit-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-catatonit-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-debugsource-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-docker-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.noarch.rpm podman-gvproxy-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-gvproxy-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-plugins-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-plugins-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-remote-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-remote-debuginfo-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm podman-tests-4:4.9.4-19.module+el8.10.0+1933+1fc610b1.x86_64.rpm runc-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.src.rpm runc-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.x86_64.rpm runc-debuginfo-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.x86_64.rpm runc-debugsource-1:1.1.12-6.module+el8.10.0+1933+1fc610b1.x86_64.rpm