Bugzilla – Bug 1217513
VUL-0: docker: mitigate power-based side channel attacks (advisory GHSA-jq35-85cj-fj4p)
Last modified: 2024-05-23 06:58:54 UTC
+++ This bug was initially created as a clone of Bug #1217404 +++ Advisory: https://github.com/advisories/GHSA-jq35-85cj-fj4p Commit: https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 Basically filters out the /sys/devices/virtual/powercap/* files to avoid container code to be able to execute powerbased side channel attacks.
SUSE-SU-2023:4625-1: An update that solves three vulnerabilities and has one security fix can now be installed. Category: security (important) Bug References: 1170415, 1170446, 1178760, 1217513 CVE References: CVE-2020-12912, CVE-2020-8694, CVE-2020-8695 Sources used: Containers Module 12 (src): runc-1.1.10-16.40.1, docker-24.0.7_ce-98.103.1, containerd-1.7.8-16.88.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4936-1: An update that solves three vulnerabilities, contains one feature and has five security fixes can now be installed. Category: security (important) Bug References: 1170415, 1170446, 1178760, 1210141, 1213229, 1213500, 1215323, 1217513 CVE References: CVE-2020-12912, CVE-2020-8694, CVE-2020-8695 Jira References: PED-6180 Sources used: openSUSE Leap Micro 5.3 (src): docker-24.0.7_ce-150000.190.4 openSUSE Leap Micro 5.4 (src): docker-24.0.7_ce-150000.190.4 openSUSE Leap 15.4 (src): rootlesskit-1.1.1-150000.1.3.3, docker-24.0.7_ce-150000.190.4 openSUSE Leap 15.5 (src): rootlesskit-1.1.1-150000.1.3.3, docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro for Rancher 5.3 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro 5.3 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro for Rancher 5.4 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro 5.4 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro 5.5 (src): docker-24.0.7_ce-150000.190.4 Containers Module 15-SP4 (src): rootlesskit-1.1.1-150000.1.3.3, docker-24.0.7_ce-150000.190.4 Containers Module 15-SP5 (src): rootlesskit-1.1.1-150000.1.3.3, docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): docker-24.0.7_ce-150000.190.4 SUSE Enterprise Storage 7.1 (src): docker-24.0.7_ce-150000.190.4 SUSE CaaS Platform 4.0 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro 5.1 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro 5.2 (src): docker-24.0.7_ce-150000.190.4 SUSE Linux Enterprise Micro for Rancher 5.2 (src): docker-24.0.7_ce-150000.190.4 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Fixed last year.