Issued at: 2026-07-10
Updated at: 2026-07-12
Synopsis
Important: oci-seccomp-bpf-hook security update
Description
OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes.
Security Fix(es):
* net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 9 aarch64
Rocky Linux 9 ppc64le
Rocky Linux 9 s390x
Rocky Linux 9 x86_64
Fixes
2467822
CVEs
CVE-2026-33811
Affected packages
Rocky Linux 9 aarch64 - AppStream
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.aarch64.rpm
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.src.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.11-2.el9_8.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.11-2.el9_8.aarch64.rpm
Rocky Linux 9 ppc64le - AppStream
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.ppc64le.rpm
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.src.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.11-2.el9_8.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.11-2.el9_8.ppc64le.rpm
Rocky Linux 9 s390x - AppStream
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.s390x.rpm
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.src.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.11-2.el9_8.s390x.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.11-2.el9_8.s390x.rpm
Rocky Linux 9 x86_64 - AppStream
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.src.rpm
oci-seccomp-bpf-hook-0:1.2.11-2.el9_8.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.11-2.el9_8.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.11-2.el9_8.x86_64.rpm