openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:0586-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2024.0586.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:0586-1)

Resumen: The remote host is missing an update for the 'docker' package(s) announced via the SUSE-SU-2024:0586-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'docker' package(s) announced via the SUSE-SU-2024:0586-1 advisory.

Vulnerability Insight:
This update for docker fixes the following issues:

Vendor latest buildkit v0.11 including bugfixes for the following:

* CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438).
* CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268).
* CVE-2024-23651: Fixed race condition in mount (bsc#1219267).

Affected Software/OS:
'docker' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-23651
https://github.com/moby/buildkit/pull/4604
https://github.com/moby/buildkit/releases/tag/v0.12.5
https://github.com/moby/buildkit/security/advisories/GHSA-m3r6-h7wv-7xxv
Common Vulnerability Exposure (CVE) ID: CVE-2024-23652
https://github.com/moby/buildkit/pull/4603
https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8
Common Vulnerability Exposure (CVE) ID: CVE-2024-23653
https://github.com/moby/buildkit/pull/4602
https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2024.0586.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:0586-1)
Resumen:	The remote host is missing an update for the 'docker' package(s) announced via the SUSE-SU-2024:0586-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'docker' package(s) announced via the SUSE-SU-2024:0586-1 advisory. Vulnerability Insight: This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: * CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438). * CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268). * CVE-2024-23651: Fixed race condition in mount (bsc#1219267). Affected Software/OS: 'docker' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-23651 https://github.com/moby/buildkit/pull/4604 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-m3r6-h7wv-7xxv Common Vulnerability Exposure (CVE) ID: CVE-2024-23652 https://github.com/moby/buildkit/pull/4603 https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8 Common Vulnerability Exposure (CVE) ID: CVE-2024-23653 https://github.com/moby/buildkit/pull/4602 https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g
Copyright	Copyright (C) 2025 Greenbone AG