Red Hat OpenShift 4.14 Security Advisory: Buildah, Go, and containers/storage Vulnerabilities (CVE-2024-9675, CVE-2024-9676, CVE-2024-34155, CVE-2024-34156, CVE-2024-34158)

从这个网页截图中，可以获取到以下关于漏洞的关键信息： 1. 漏洞编号：CVE-2024-9675, CVE-2024-9676, CVE-2024-34155, CVE-2024-34156, CVE-2024-34158 2. 漏洞类型： - Buildah: Buildah allows arbitrary directory mount (CVE-2024-9675) - Encoding/gob: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156) - Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (CVE-2024-9676) - Go/parser: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155) - Go/build/constraint: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158) 3. 受影响的产品： - Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64 - Red Hat OpenShift Container Platform 4.14 for RHEL 8 x86_64 - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 9 ppc64le - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 8 ppc64le - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 9 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 8 s390x - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 9 aarch64 - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 8 aarch64 4. 解决方案： - 使用OpenShift CLI (oc)或web控制台检查可用更新。 - 参考文档：https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html 5. 联系信息： - Red Hat安全联系人：secalert@redhat.com - 更多联系详情：https://access.redhat.com/security/team/contact/ 这些信息可以帮助用户了解漏洞的详细情况、受影响的产品、解决方案以及联系信息。

目標達成すべての支援者に感謝 — 100%達成しました！

Red Hat OpenShift 4.14 Security Advisory: Buildah, Go, and containers/storage Vulnerabilities (CVE-2024-9675, CVE-2024-9676, CVE-2024-34155, CVE-2024-34156, CVE-2024-34158)

このソースからの他の記事

目標達成 すべての支援者に感謝 — 100%達成しました！

Red Hat OpenShift 4.14 Security Advisory: Buildah, Go, and containers/storage Vulnerabilities (CVE-2024-9675, CVE-2024-9676, CVE-2024-34155, CVE-2024-34156, CVE-2024-34158)

このソースからの他の記事

目標達成すべての支援者に感謝 — 100%達成しました！