RHSA-2024:0564MediumCVSS 7.8
Red Hat Security Advisory: container-tools:3.0 security update
🔗 CVE IDs covered (2)
📋 Description
CVE-2022-21698 — prometheus/client_golang: Denial of service using InstrumentHandlerCounter
CVE-2023-28642 — runc: AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration
🔗 References (6)
- selfhttps://access.redhat.com/errata/RHSA-2024:0564
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2045880
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2182883
- externalhttps://issues.redhat.com/browse/RHEL-17147
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0564.json