container-tools:rhel8 security update

エラータID: AXSA:2025-11632:01

リリース日: 
2025/12/26 Friday - 12:00
題名: 
container-tools:rhel8 security update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- runc には、ローカルの攻撃者により、情報の漏洩、データ破壊、
およびサービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2025-52881)

Modularity name: container-tools
Stream name: rhel8

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2025-52881
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. aardvark-dns-1.10.1-2.module+el8+1932+d3930bb0.src.rpm
    MD5: a842147363c8ea9839ad6e9701e373c3
    SHA-256: 2eaeee9c8084a0121a86c6cbf0cddea8e6692f9373d3e4af2152ed740630263d
    Size: 6.14 MB
  2. buildah-1.33.13-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 94749334c5a73ee909478eaafb0734ab
    SHA-256: 6e8744a86b12b56e026123093893e385777508535846300627cf83ae31267ea9
    Size: 18.31 MB
  3. cockpit-podman-84.1-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 6dda15d6b4b202114e005d5d85a0cb6d
    SHA-256: d6cf057be51e488a4dd41e33169ba3001e4264260c67ed5f893de772866fc32b
    Size: 1.27 MB
  4. conmon-2.1.10-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 8582e41257f3c93f8e6bf09c3ab85cde
    SHA-256: f5306831c71ad248e339ce5aae7f5bfeea1f9923e01651f51fa9b24abce649a1
    Size: 133.59 kB
  5. containernetworking-plugins-1.4.0-6.module+el8+1932+d3930bb0.src.rpm
    MD5: 1a8ba8aca3050dcd30ab9ddb1b810304
    SHA-256: 7b7b591d41b879115fffdcb137e24d8d00781c08f2c2ecb6839f3698082d3f9a
    Size: 3.62 MB
  6. containers-common-1-82.module+el8+1932+d3930bb0.src.rpm
    MD5: 796ee3c45a46d4d8e7e7577d995b4447
    SHA-256: 59538dd9e03552ddcb3b6ba7f9c380cd9af6311b382e06b98e13685a8976930d
    Size: 145.63 kB
  7. container-selinux-2.229.0-2.module+el8+1932+d3930bb0.src.rpm
    MD5: 95c1854ef423b11ff76ced905c37c746
    SHA-256: d830a760e4a65c77fc18e9018e1301d18cab33dd8e1b376444b896cea0048724
    Size: 65.58 kB
  8. criu-3.18-5.module+el8+1932+d3930bb0.src.rpm
    MD5: 55b669a37bb99aae4e5a7767f066ae7f
    SHA-256: 91e3c45b93ca116b80f18c871772ec8a14e8aaff12c3eda56b4053285fc7a429
    Size: 1.32 MB
  9. crun-1.14.3-2.module+el8+1932+d3930bb0.src.rpm
    MD5: 4b5ce318a45e7fc1c863c4fd18236e35
    SHA-256: 9279ba3540aea6adb8ffc56f10aefdef7e5acf27166e8bdaa5f00014f5791999
    Size: 1.68 MB
  10. fuse-overlayfs-1.13-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 22af1aac71157ef16f4b8576d4817c7e
    SHA-256: 1daf967d7cc34a379d7249360d1d1810f9eee3d0b0b1c8127badc2f8e2366657
    Size: 112.28 kB
  11. libslirp-4.4.0-2.module+el8+1932+d3930bb0.src.rpm
    MD5: 74e36caccdb1f492535149db89f69a3b
    SHA-256: 107bb9837bda6ebd0c0733c7f164441c7acedf994023d260ce3b99599e6e8e95
    Size: 114.97 kB
  12. netavark-1.10.3-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 9761afcdf4d1789f0f324c6084239521
    SHA-256: 2875256f486791b98c9abe0032059b09b615d5ee7abc2fc8fd45b2c2e8006abb
    Size: 15.51 MB
  13. oci-seccomp-bpf-hook-1.2.10-1.module+el8+1932+d3930bb0.src.rpm
    MD5: 48321eadcc31969644e668ea9e647de1
    SHA-256: f49e4df250b8672f1f3a3184835644e9cb80ce5f163e1ddc4bf1fe521200982b
    Size: 1.43 MB
  14. podman-4.9.4-25.module+el8+1932+d3930bb0.src.rpm
    MD5: 8b81225a80628d8b9f5fb66433a1e650
    SHA-256: d29b065f70796623b4a6377c32728a4e998081bd8411184f6f5ec5bcdab99463
    Size: 32.64 MB
  15. python-podman-4.9.0-3.module+el8+1932+d3930bb0.src.rpm
    MD5: ee80710d843028cd2e451a68f58e50a1
    SHA-256: 6d21dd5de6e2eba8f566c94b9222e08e579b0c235a04f4ebda759327578c4a44
    Size: 188.74 kB
  16. runc-1.2.9-2.module+el8+1932+d3930bb0.src.rpm
    MD5: 1b9dada6e37d200179955f956ac47fa5
    SHA-256: 6dd56e2c2a0bc6d219534af417bd35224aba94257be453a4719e89d6c9d4f0bc
    Size: 2.63 MB
  17. skopeo-1.14.5-5.module+el8+1932+d3930bb0.src.rpm
    MD5: 45170bcf9b0f10f6dac3be6760c509fd
    SHA-256: cf65bbabbc9f94e05cd389704bf11366775565c5a59ddd6dd374bd79bfa677d2
    Size: 10.00 MB
  18. slirp4netns-1.2.3-1.module+el8+1932+d3930bb0.src.rpm
    MD5: c4b78a5b6e49967c23f3252302bd68f9
    SHA-256: 4f6f3e645df86ecbec1d145ddecb7785c52214bdfaa7030711241cc22d32df59
    Size: 76.05 kB
  19. toolbox-0.0.99.5-2.module+el8+1932+d3930bb0.src.rpm
    MD5: d411846d46718bdb4dd2e5597f594242
    SHA-256: c90de6b2213bb30ef8fa8494634b9dde8422fcc1d939ca7c67e5cf3c9a795d6f
    Size: 1.10 MB
  20. udica-0.2.6-21.module+el8+1932+d3930bb0.src.rpm
    MD5: c113e4577dc334dc9b7609fd2c1d4d99
    SHA-256: 4c3f9128d0bcf48b6afaeea1a39aadb474e6e580ef2ce0a865802d25587b0cff
    Size: 134.32 kB

Asianux Server 8 for x86_64
  1. aardvark-dns-1.10.1-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e0c4976286b82b3f63000981f6e9a1ec
    SHA-256: 2f11efe85460f3e8584abd3d0cc0d5d37daf73dd24b36da7e3c48eb611e96b1e
    Size: 0.97 MB
  2. buildah-1.33.13-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: cd060c42539031cdffb07a1b482aecb9
    SHA-256: 3e6d2cb11e71053209e691ab7c49658540ee099534099a4478c781d7fbf400e9
    Size: 10.29 MB
  3. buildah-debugsource-1.33.13-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 3ac139537553dddd1273f14f83b85b50
    SHA-256: 44aab9f6f0ff5ffe789fe25b3913b82c7155b212a514ad027220ec75ce0b392d
    Size: 6.19 MB
  4. buildah-tests-1.33.13-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: f3edf88cd1cef46b4c32e0cc4f975db9
    SHA-256: 7ab7afb43a9bacca7199ca0d527a30acc60fe23c7c3aadb9b9499f3367f09b60
    Size: 32.78 MB
  5. cockpit-podman-84.1-1.module+el8+1932+d3930bb0.noarch.rpm
    MD5: de34c1c629e6ec5b9c3feed73990d19a
    SHA-256: c67571328a631bffd950973440d4c30f6cd2d8304d3236754bcb1d2690142386
    Size: 682.92 kB
  6. conmon-2.1.10-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 8d332b6552a67d3923b0fb87b64bf97d
    SHA-256: 4918d16300c8b4fc4813947fc240c22b2f63914a6e3ea8d3da26a8e13986d973
    Size: 56.83 kB
  7. conmon-debugsource-2.1.10-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 8890a54fa7625ff3c1b99d9e71eb975d
    SHA-256: 3249d861fbc4c84fd5ac1aa8e2f7c6766eadd86be5d0a28bb2e5f4c53238ec11
    Size: 50.46 kB
  8. containernetworking-plugins-1.4.0-6.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: f4052c598d0ad6b7313012112b19cd79
    SHA-256: 8d8757ecabe6b90d261a6148f68f4da9161381ee54bf6730aac80e83f9b4046d
    Size: 25.18 MB
  9. containernetworking-plugins-debugsource-1.4.0-6.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 38063381915dfe39671094aaf47b3dca
    SHA-256: b45bd98d8c711a776afe62ab3f445e494c9b0758986cd7d276c0f00358e5473b
    Size: 430.04 kB
  10. containers-common-1-82.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 54044973fb432f8efebcdb78288676de
    SHA-256: 9f192c3307ec57004dbf29f31006eb4ad6b0875b69452946dfb9d50c0ffd4640
    Size: 142.03 kB
  11. container-selinux-2.229.0-2.module+el8+1932+d3930bb0.noarch.rpm
    MD5: bc89dc6683c242a330234d810b72a21d
    SHA-256: 0b91688ec56bf86a18901a87746a2a3143e6f4f907091ad0544e738d7fc2a5ee
    Size: 69.43 kB
  12. crit-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 7249d0c2338e1a64710483dc353c2e9c
    SHA-256: 1e108af106c1afef748f11386548370aa16047008debbb02ee958edb8c9b1920
    Size: 22.11 kB
  13. criu-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e68051c44c33414a7c0e9fc1b6dae8ef
    SHA-256: f4c00409618b8781e70e9303e12b772f1b6c102479e826251d78417efbc31813
    Size: 563.14 kB
  14. criu-debugsource-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 8e7412f8748105142fc810792b796381
    SHA-256: 427539fa63aa77b3a269fc48a4887a13ac6dc621e53c2fee9e0a004fed35e3a2
    Size: 729.80 kB
  15. criu-devel-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e00e7a7d4f99acc2e0e5c4f82d96c82b
    SHA-256: a7d4f8625a0428ae3f8cb5eee6670d30cedc88166d396afa0160bbf84d8a83d0
    Size: 28.23 kB
  16. criu-libs-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 610896671013a9740bc312b7ef1d5654
    SHA-256: 221d8b2275068488cc07952469b098f0bb9f76d667aaad15584478fc726587f9
    Size: 38.16 kB
  17. crun-1.14.3-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 2c45769a4ebb1b3c5337a013aa00c3ac
    SHA-256: 020d89c6e42d7232e710b3925d7481f3f2c31ae9432fd2584462fbfc884daa09
    Size: 256.51 kB
  18. crun-debugsource-1.14.3-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 975fed91cce69919d079240c8f6a5a33
    SHA-256: ffb29a62d4923df2683ab61e8ea99ae1cb7723b8e615619a1890c8fd9b9d66fc
    Size: 204.13 kB
  19. fuse-overlayfs-1.13-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 882d7784579583e1abe8e5317aa0f84f
    SHA-256: 200ea95a6ce57af9824e013db6ad60a600ba4ab6917cd8b0f09f9edc8e7af7be
    Size: 68.72 kB
  20. fuse-overlayfs-debugsource-1.13-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 5186009868dcfc63a62f650c19d780db
    SHA-256: 831a83a62a5cf581c4272691076758a8206fa6a546b8e1bb243834c948527178
    Size: 55.61 kB
  21. libslirp-4.4.0-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 31b459a54bb90a700a117aad6ee924c5
    SHA-256: 4b023458b586ac846da934197154c33ab31b539f9f73ee40b9efe847f9471bc5
    Size: 69.28 kB
  22. libslirp-debugsource-4.4.0-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 04966cdd54a7429e52a05df898dfcbc9
    SHA-256: d70af69e54405d5fb295582ea1849d5b101cfef4adf54efc5dc05231d25e5da7
    Size: 114.55 kB
  23. libslirp-devel-4.4.0-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: b3845ba08c4221847d00acd004dd083a
    SHA-256: 6c0849d2dbea5c5e03e0295d92b5246a78617e3f9a0ab6c9275ce1c81b6ee8e3
    Size: 11.41 kB
  24. netavark-1.10.3-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: b219acc917ee69152a9cc944538f3f22
    SHA-256: e18533ed8dd05379979e7643402456d9126ea7054d126bbe615be44290f476c7
    Size: 4.08 MB
  25. oci-seccomp-bpf-hook-1.2.10-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 10b1396ca7abe4baf301811d96d9c713
    SHA-256: 0f6786ad80ccb423c2088f24412759a7e9063484c7f2a4be17a70a5c4ac34526
    Size: 1.28 MB
  26. oci-seccomp-bpf-hook-debugsource-1.2.10-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 935f64cf8d7380abcf742cacc05d78ab
    SHA-256: 9a4ad4f01633791bc7fffb7c4df4543d9645648e9df3a9ecbd1ab84290d6dbb1
    Size: 247.94 kB
  27. podman-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 3e82ebe7ccb3fa748cf458c98820dcc4
    SHA-256: 660a2d09a06d3609b0f1935abcebe17234dcba3a9f923f232fac6086444126cf
    Size: 16.89 MB
  28. podman-catatonit-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e2eda6996825ac2667e08b374f43b53c
    SHA-256: 781e20ac09b57891b31b3ea4ad43921f421467026a3518e31759331a1032ef75
    Size: 379.41 kB
  29. podman-debugsource-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 7f27981edd918e47f2f09aaa15315034
    SHA-256: 990fc2f1399703466ba2a8c7b05932d530210af0b69daf36f65606c5e49f6b55
    Size: 9.28 MB
  30. podman-docker-4.9.4-25.module+el8+1932+d3930bb0.noarch.rpm
    MD5: d45e0865ce5826491987731c064470ed
    SHA-256: 10c4649262aaf986c1692b087848ae2c71d81cb523e316209a1133acff64deca
    Size: 116.95 kB
  31. podman-gvproxy-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 0c62e6acd23331a13053d435f111c835
    SHA-256: 9a47a10a390f66139e8c66fd06a03f380f07158e085a7e5fd5361f3fa4731aa8
    Size: 4.27 MB
  32. podman-plugins-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: d6a577abe3933a0111504fb75e37507e
    SHA-256: 321a1e65722802291be923c729444bc6342fcaaf9ab1157f17ce36108b47c248
    Size: 1.51 MB
  33. podman-remote-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 563ae9df364eac7bcc232245c59367f3
    SHA-256: fdad20f5a3f2b507151509446f4ca79ff526965b76fcf11bb382877f9980b91d
    Size: 10.90 MB
  34. podman-tests-4.9.4-25.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 42f1be8da286c95e415fa6fcbc1abf45
    SHA-256: 3694bb9175b0ea3a8ee8556d51c4cff9b5fc291d5b89d7c56d6ccdd219c46ed7
    Size: 269.22 kB
  35. python3-criu-3.18-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 55cd89882f14e62e32cfdaee0148aeb2
    SHA-256: 608a292bc6426dd38ea3a8563daea9c8f23557b0aae8f3f8a8e5691ed04ee2a5
    Size: 177.28 kB
  36. python3-podman-4.9.0-3.module+el8+1932+d3930bb0.noarch.rpm
    MD5: 66986f6e1c2c45eea8f5e9274fe7baab
    SHA-256: 27c2457bf7f46257ebdab591e3352bed9f77875eaedb5aa914e613a03d1b3d6b
    Size: 155.52 kB
  37. runc-1.2.9-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 597195831f1afa2337f82b760cb2c7ee
    SHA-256: b36ae533acaefe00d8b78fe625c96b180888d5236e6fec1ed44fa4c787c0cc90
    Size: 3.85 MB
  38. runc-debugsource-1.2.9-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e287ff8db2cfcfcbb7e543171eb54a26
    SHA-256: d082c23848b0b18139c0615dbd1000d9664881da27c9e860792ffa7fb7e07275
    Size: 1.03 MB
  39. skopeo-1.14.5-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: cf54f3ab19e0249731936022428571e2
    SHA-256: 8803779d61c33f63c839f127052bcd6e2591b3ea597fd677f5203c5a7ce93b03
    Size: 9.40 MB
  40. skopeo-tests-1.14.5-5.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 7c7400838b1220e314d9866d59fee1a3
    SHA-256: 410edbd28cebfcec94e04561e51f6820c543b1adb0e65aef3bd1e2d2f1ada9e5
    Size: 785.60 kB
  41. slirp4netns-1.2.3-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: d3d1661c7ecd4580bf0308811c345f62
    SHA-256: d8e4215d4db361d700a70dcd5622ac9466268677dcdf4718843bf4d154ff284d
    Size: 54.92 kB
  42. slirp4netns-debugsource-1.2.3-1.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: db806cd49e1fb5ed74eaf31eeda2339f
    SHA-256: e9a731983e500ee233b0f6ddf8f58ee956979b5f2737b725fa22b570bd7087e6
    Size: 43.73 kB
  43. toolbox-0.0.99.5-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 21dd6698d4413ffde20964a0097b1906
    SHA-256: 513e301ba663ee92cb57eda66213069679ceefe46b9235108f4bdd33405f153b
    Size: 3.01 MB
  44. toolbox-debugsource-0.0.99.5-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: 8e18e1344b1ac08867d756ebd9661426
    SHA-256: 7696f4e3305bb70641a7577697392494e3fc4f3c7137159f7d8086d2effbc2c1
    Size: 571.81 kB
  45. toolbox-tests-0.0.99.5-2.module+el8+1932+d3930bb0.x86_64.rpm
    MD5: e3ed5b1382724fd0a5e857507ed7861f
    SHA-256: 0f5ed9af98c13347f6790cdbf7237f63347b797fe9960178f469eabe64328083
    Size: 43.69 kB
  46. udica-0.2.6-21.module+el8+1932+d3930bb0.noarch.rpm
    MD5: bc5e253d63151aad753fa399ab35f32d
    SHA-256: c7d310384b9d8cbb1208cc3a753af0537d1e8e5f42727f630c8f0d69ef356342
    Size: 48.26 kB