container-tools:rhel8 security update

エラータID: AXSA:2021-2362:01

Release date: 
Monday, August 16, 2021 - 07:05
Subject: 
container-tools:rhel8 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* runc: vulnerable to symlink exchange attack (CVE-2021-30465)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-30465
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

Modularity name: [security-high]container-tools
Stream name: rhel8

Solution: 

Update packages.

CVEs: 
CVE-2021-30465
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.
Additional Info: 

N/A

Download: 

SRPMS
  1. buildah-1.19.7-2.module+el8+1280+ea68472a.src.rpm
    MD5: 8698a17b5b29d764cbe5b6796af0cb18
    SHA-256: 343b93e8a79cc5628e7ab1e268720aa1df8b7d5b623d881cbd0b5a160a58c07e
    Size: 10.10 MB
  2. cockpit-podman-29-2.module+el8+1280+ea68472a.src.rpm
    MD5: cca6722b10a8dc30d82999b3f30e1ee3
    SHA-256: fe878bf44bfb94031984b05ffe94c58abe8362a7faa75af335c2818d4d80940f
    Size: 1.34 MB
  3. conmon-2.0.26-3.module+el8+1280+ea68472a.src.rpm
    MD5: c87910d7b504e4d9e6751e2c7a6dccc1
    SHA-256: 7231a8e01f672536f75dbb85c808d465cfc5f1c6bb37f366d711a6715debadc3
    Size: 115.17 kB
  4. containernetworking-plugins-0.9.1-1.module+el8+1280+ea68472a.src.rpm
    MD5: 1730fa0d0e357fe9e7c18ba5b721b024
    SHA-256: 2e1d369a7ff19d9fd551b145ce2785c81d46ea4ba78cf75a2c3fd8cbd23d5eaa
    Size: 2.44 MB
  5. container-selinux-2.162.0-1.module+el8+1280+ea68472a.src.rpm
    MD5: b435dffb378ced30d6b90ff3234b36cb
    SHA-256: 14c6057c339b2a04cecc2e86309c985cfd63cd1f907e7b8ef12018c0f4fb7e07
    Size: 49.35 kB
  6. criu-3.15-1.module+el8+1280+ea68472a.src.rpm
    MD5: 9054bd531e03551534f93f98453b3a41
    SHA-256: c99670e479e782ff193cfa19ebf0f8cf2519fba1f7a7abaf433e72692c220e82
    Size: 1.15 MB
  7. crun-0.18-2.module+el8+1280+ea68472a.src.rpm
    MD5: e3e4940fb5c2ca293ac283f6fb7bf92e
    SHA-256: f9ea012aa41400d622a4b0e49e218adc1d4a25ff9271d50d197f30436b60c07e
    Size: 1.34 MB
  8. fuse-overlayfs-1.4.0-3.module+el8+1280+ea68472a.src.rpm
    MD5: 90425117f9f084deb8a38cbddac943fd
    SHA-256: 00b89231d7d73054fb9f26f50d65477003fb14233a2f009c16c98a024cfdce7a
    Size: 113.12 kB
  9. libslirp-4.3.1-1.module+el8+1280+ea68472a.src.rpm
    MD5: e1b1ebbd538d0f99af11820484264d8b
    SHA-256: 4bb0147eb016cd12ba2692e45ac0e61ee603104d19ded2da8530d0e51e3680f1
    Size: 105.84 kB
  10. oci-seccomp-bpf-hook-1.2.0-2.module+el8+1280+ea68472a.src.rpm
    MD5: b7b69eab3f707b3093987e12abadc08b
    SHA-256: 3241242d2b9e16df21cee93a9fdb568ec1084b2242076d5dbc6b71f46876e527
    Size: 929.38 kB
  11. podman-3.0.1-7.module+el8+1280+ea68472a.src.rpm
    MD5: ef47353f23d6a02ee42b1213cae3c8e7
    SHA-256: adea5963b23995b42d918996139851403b573a963053edefa57a609fa81e48a4
    Size: 11.96 MB
  12. runc-1.0.0-73.rc93.module+el8+1280+ea68472a.src.rpm
    MD5: cc4e94f7d541a0f890ec786fbe5141df
    SHA-256: f8599ab5c6c5e28587e75bd6a78dde506bd401958844e464a625a7515edc464e
    Size: 2.03 MB
  13. skopeo-1.2.2-10.module+el8+1280+ea68472a.src.rpm
    MD5: b686335d1033f20369b17d58fd27a8de
    SHA-256: f9369ca696b7699eff75c62b3d92d7464c1aa55896c156db62f877e3a88103f2
    Size: 4.58 MB
  14. slirp4netns-1.1.8-1.module+el8+1280+ea68472a.src.rpm
    MD5: 355a24b4adcceed6f471b680aa2f6e0c
    SHA-256: 68a7b120872d50c67aaa0c282907de4a612336429aed1879c77562494b7073ca
    Size: 67.48 kB
  15. toolbox-0.0.8-1.module+el8+1280+ea68472a.src.rpm
    MD5: f968fdae9b7cda18edfd43cbda4141c7
    SHA-256: 024f338c1ecc196f455de78bd0c47803878be12b3ca72b327c7358cc309945d7
    Size: 19.12 kB
  16. udica-0.2.4-1.module+el8+1280+ea68472a.src.rpm
    MD5: d1418ec7715136d9dd4d71b7f6221524
    SHA-256: 277ae14214a27d048076bdd6bcccd4d71645868cff4d83ba6ecd208b31af9398
    Size: 133.56 kB

Asianux Server 8 for x86_64
  1. buildah-1.19.7-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 656a56a87ba69dd50dcb8da7fe814ead
    SHA-256: 4df64b3232ece36b6dbf437e8e1ba9b254ae093202c0f705abe544cf2947645f
    Size: 7.42 MB
  2. buildah-debugsource-1.19.7-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: fa25820686b121562d63c77249c731c6
    SHA-256: dc93a7f0e0fea378f33d5dd56478e0bf74dfbe0b092a8947fc837431d079e43c
    Size: 2.52 MB
  3. buildah-tests-1.19.7-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 687ddf1a8fe177d93924d032515efd54
    SHA-256: df3401670f416470d8238b432e689824a2ed5e3258f806d094540b437bef63c2
    Size: 8.79 MB
  4. cockpit-podman-29-2.module+el8+1280+ea68472a.noarch.rpm
    MD5: 0520d71d984bdc02b55d32d6800d74fd
    SHA-256: bc0bef898ec4f581e0f94cac65a439621e93eebbbe39ccd5cce66507295bad24
    Size: 1.07 MB
  5. conmon-2.0.26-3.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 0bd94b182e4d4355edc8c54a97a7eee4
    SHA-256: 1fd127203cf694f89faa84b3e52fd962383482c195a6870c32305065e60426d3
    Size: 50.50 kB
  6. conmon-debugsource-2.0.26-3.module+el8+1280+ea68472a.x86_64.rpm
    MD5: af45d21a65abec1da850c862685794ba
    SHA-256: f6ecdda03d367d4e644cecf0b98fb7778004441dece92fcb4c3dd11bfe081561
    Size: 42.17 kB
  7. containernetworking-plugins-0.9.1-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 15865055b03d1d0438fae462416c8532
    SHA-256: ec469ddee315970dd4818acc5ad1918df9b615dea599207317565715ece9da35
    Size: 20.23 MB
  8. containernetworking-plugins-debugsource-0.9.1-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 7a4d0c932b7c47a834e395dc4230ec02
    SHA-256: e4e15b6f9a57de2d99157accc8d100aaae6da01542a6b5d3fe23f7071ef6ddf5
    Size: 343.03 kB
  9. container-selinux-2.162.0-1.module+el8+1280+ea68472a.noarch.rpm
    MD5: ea04c01d625fe03839103cecbdfec260
    SHA-256: 3e50da2d6cac5813cef5292f69de2439e2dcb2075b44d83af01562699a404994
    Size: 50.62 kB
  10. crit-3.15-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: f91920045cab50c105a2900b2dd66f77
    SHA-256: 24ab4c11ae3915d9bbc14a2b34673733b15010d3b848cd3d732fc73212e89fab
    Size: 18.36 kB
  11. criu-3.15-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 5919f5154f52332ba1925399ce8cca69
    SHA-256: 73b390fba3f5582fbb9874c0f232c29c2b98e71a25bd72d3f7a5bfb18359e6dd
    Size: 510.08 kB
  12. criu-debugsource-3.15-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 424eaadd6202168c1f79a341bab75a79
    SHA-256: 18894685240d3ee4510bdf6fc5a59e9b83e988cee6dae49277d5c0582c55b183
    Size: 663.66 kB
  13. python3-criu-3.15-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: ff87e69427a5902f4692798178eff203
    SHA-256: fa21955eacdec7a8b96555b43536b78781af73d91a07c1755aea03b8c4e20c09
    Size: 168.57 kB
  14. crun-0.18-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 424ed015e73fe042be6eedcd777641bc
    SHA-256: cd8a6d8b54c7c72551285048c5e69dcfb5579adc6530a0739a3571860228e6da
    Size: 183.96 kB
  15. crun-debugsource-0.18-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 84a312f4afc1164c90baf9441d4d5882
    SHA-256: 22a1a3c8613972796d1ffdc336a204bf8fc49ca32a985692a9e3d67e71641286
    Size: 134.55 kB
  16. fuse-overlayfs-1.4.0-3.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 8538f4599defbf99fb002c6869556429
    SHA-256: 8951fefd27dec189f37976c8c564ef5911f370c18408214765c11a86b02d896e
    Size: 71.15 kB
  17. fuse-overlayfs-debugsource-1.4.0-3.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 8f7a2d00cec42357e9b4ffd38c8c72b9
    SHA-256: 16af5e5e9da833ef107cb1a652830350b4031f6521fb1c197b848cc764f81d0c
    Size: 52.76 kB
  18. libslirp-4.3.1-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 72008b292970f644bf06092aae0b6701
    SHA-256: 41d151e5bd2255e4968aaeae6df53d4ef4ee22b2c03754a7d94747011d4ef94a
    Size: 67.85 kB
  19. libslirp-debugsource-4.3.1-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 04b08d78660fc13c876f7e9176b5975a
    SHA-256: 371634b8cc78b6db1da64a9a1a99e96d37b65b1f0dc3d31a14828ba3aa5eee56
    Size: 112.95 kB
  20. libslirp-devel-4.3.1-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: cea6c190b7f898c0097b0753342792fd
    SHA-256: fd3dc51f0e557e30a9a49aba029661251a29b30da13459054634a3eb2cd9c8a4
    Size: 11.16 kB
  21. oci-seccomp-bpf-hook-1.2.0-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 0dc31f702c57b535928e7224ae74f7e0
    SHA-256: 7c6683c9f9af4841897a599474501e0dbe8195bc0a4b22ee0a1de1cce0efd7ba
    Size: 1.11 MB
  22. oci-seccomp-bpf-hook-debugsource-1.2.0-2.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 005b02c3351b8187ba88e02c7087352d
    SHA-256: 3a7ab621e31fb502beb95329b058b5dc8d330951cc5b263d9ebb4b2c9327370d
    Size: 143.57 kB
  23. podman-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 7c9e1842d6841683341b400547f3bf4c
    SHA-256: a194579a79bdf0e78fd5cbb435038d68d5c1e8d038ac01585f8f7852415ec7cc
    Size: 11.85 MB
  24. podman-catatonit-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: f01daab5ec558c8fb5e28bb9255053f7
    SHA-256: ad8499fe0a7fc43a3f4b8d9b532ac84d384db85ea9744c71c53ce68325c9f87d
    Size: 321.69 kB
  25. podman-debugsource-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 1b918dcdf9ee71ce298de66406dcff23
    SHA-256: b170b33fa094fd1f73336656909e9a26801db1c7d2a4e118b7aeab973a232376
    Size: 4.35 MB
  26. podman-docker-3.0.1-7.module+el8+1280+ea68472a.noarch.rpm
    MD5: f8290f1f90ca4cd8819b75afa2e98f25
    SHA-256: d4a0143ac34ed0fa78d7c0ba8c58cdb695da939b88125cb4c132b530b1a24030
    Size: 57.19 kB
  27. podman-plugins-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 33a198ecf1d5f342e3000234e352fb48
    SHA-256: 2b74410081e3779926ecb5374dc9bfb28ef4e7008ce96273b2ac0f84c81bdeb7
    Size: 1.26 MB
  28. podman-remote-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 57fe5523a4de4474ff8ebd9e2167a4d5
    SHA-256: 16c9ecbbb288ca2823bcee5a646891d5dddbb737f08927319370d766dd8d4809
    Size: 9.13 MB
  29. podman-tests-3.0.1-7.module+el8+1280+ea68472a.x86_64.rpm
    MD5: d4648190bb8aca21141eb80f9a29b76b
    SHA-256: 9d97c72b4d41457442e779e21435176c2466c4e097ad7eeb7128dce18d187043
    Size: 106.15 kB
  30. runc-1.0.0-73.rc93.module+el8+1280+ea68472a.x86_64.rpm
    MD5: f0c2cad958b9245bcdd0fedd6ac43ab1
    SHA-256: bf46cb18c2a70a83dfa686f5c2f9b9f027b5bc5ca8b076d1f18dde16768039da
    Size: 3.23 MB
  31. runc-debugsource-1.0.0-73.rc93.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 4643ad9b19771dc8d66c5971015907df
    SHA-256: 281541273c77e38979d286fd13292f56abbe5151b389ffc69680d94323346d86
    Size: 812.77 kB
  32. containers-common-1.2.2-10.module+el8+1280+ea68472a.x86_64.rpm
    MD5: bce1747b1241d43940e72374fa66a0ac
    SHA-256: 7fae12bc05e2fb72dd9c1764983701b2fbfd4ba5fedc643827448468f72fb7b6
    Size: 98.09 kB
  33. skopeo-1.2.2-10.module+el8+1280+ea68472a.x86_64.rpm
    MD5: e7c11417d3d93679fd122644a1b2844d
    SHA-256: f0774a49b77feabf805c581ade11e338f85bb790f41def80cefacec90cc227c5
    Size: 6.31 MB
  34. skopeo-debugsource-1.2.2-10.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 518491a6b4d2f9310409f0f0e5eff5a9
    SHA-256: d871e196fcc933fa25e4ca1a2d3733ecb1c9ea4b7b357c6ba4b7e092b0b95bdb
    Size: 2.01 MB
  35. skopeo-tests-1.2.2-10.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 7187d09fedc6b4dc4b1093e9abd7b0a1
    SHA-256: 4b737da68de1cf344655af0f1366e0ce8cf12ee99383c189f74866c32d1d2277
    Size: 39.65 kB
  36. slirp4netns-1.1.8-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 452bb4555946c05112ed808287dc2e48
    SHA-256: 84bcd28c4158b11b122b895388dfcaa05f5c1f40de99e8ec90421c84fef0bea8
    Size: 50.01 kB
  37. slirp4netns-debugsource-1.1.8-1.module+el8+1280+ea68472a.x86_64.rpm
    MD5: 44dbc1458218793fb885cc7a53433225
    SHA-256: 2effc5bda19b3bf70fac58fb74f286d98d020c797a3cdd346e48c6fa55aae2e1
    Size: 38.61 kB
  38. toolbox-0.0.8-1.module+el8+1280+ea68472a.noarch.rpm
    MD5: 1df138ad6959bf15f5512befdaf75ce2
    SHA-256: 4c2067169ec4d3ee6802c4218750680dd5ba543b0bd1a0cbf8814cbc93403abd
    Size: 14.60 kB
  39. udica-0.2.4-1.module+el8+1280+ea68472a.noarch.rpm
    MD5: eefd216c922bbbd9b15c67cfae55e10b
    SHA-256: 04dcfbd4a78dd1aea7d3bdc3a86b18771de8888202b1d28f7181cc5ffc32cdde
    Size: 49.39 kB