Oracle Linux: CVE-2024-11218: ELSA-2025-0922: podman security update (IMPORTANT) (Multiple Advisories)

Oracle Linux: CVE-2024-11218: ELSA-2025-0922:podman security update (IMPORTANT) (Multiple Advisories)

Severity

7

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

01/20/2025

Created

02/05/2025

Added

02/04/2025

Modified

02/13/2025

Description

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

Solution(s)

• oracle-linux-upgrade-aardvark-dns
• oracle-linux-upgrade-buildah
• oracle-linux-upgrade-buildah-tests
• oracle-linux-upgrade-cockpit-podman
• oracle-linux-upgrade-conmon
• oracle-linux-upgrade-containernetworking-plugins
• oracle-linux-upgrade-containers-common
• oracle-linux-upgrade-container-selinux
• oracle-linux-upgrade-crit
• oracle-linux-upgrade-criu
• oracle-linux-upgrade-criu-devel
• oracle-linux-upgrade-criu-libs
• oracle-linux-upgrade-crun
• oracle-linux-upgrade-fuse-overlayfs
• oracle-linux-upgrade-libslirp
• oracle-linux-upgrade-libslirp-devel
• oracle-linux-upgrade-netavark
• oracle-linux-upgrade-oci-seccomp-bpf-hook
• oracle-linux-upgrade-podman
• oracle-linux-upgrade-podman-docker
• oracle-linux-upgrade-podman-plugins
• oracle-linux-upgrade-podman-remote
• oracle-linux-upgrade-podman-tests
• oracle-linux-upgrade-python3-criu
• oracle-linux-upgrade-python3-podman
• oracle-linux-upgrade-skopeo
• oracle-linux-upgrade-skopeo-tests
• oracle-linux-upgrade-slirp4netns
• oracle-linux-upgrade-udica

References

• https://attackerkb.com/topics/cve-2024-11218
• CVE - 2024-11218
• ELSA-2025-0922
• ELSA-2025-0923
• ELSA-2025-1372