Bugzilla – Bug 1224323
VUL-0: containerd: mitigate power-based side channel attacks (advisory GHSA-jq35-85cj-fj4p)
Last modified: 2024-06-24 11:00:12 UTC
also problem in containerd. for https://github.com/advisories/GHSA-7ww5-4wqc-m92c +++ This bug was initially created as a clone of Bug #1217513 +++ +++ This bug was initially created as a clone of Bug #1217404 +++ Advisory: https://github.com/advisories/GHSA-jq35-85cj-fj4p Commit: https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 Basically filters out the /sys/devices/virtual/powercap/* files to avoid container code to be able to execute powerbased side channel attacks.
Affected packages: - SUSE:ALP:Source:Standard:1.0/containerd - SUSE:SLE-12:Update/containerd - SUSE:SLE-15:Update/containerd - SUSE:SLFO:Main/containerd
SUSE-SU-2024:2108-1: An update that solves one vulnerability and has one security fix can now be installed. Category: security (important) Bug References: 1221400, 1224323 CVE References: CVE-2023-45288 Maintenance Incident: [SUSE:Maintenance:34007](https://smelt.suse.de/incident/34007/) Sources used: openSUSE Leap Micro 5.3 (src): containerd-1.7.17-150000.111.3 openSUSE Leap Micro 5.4 (src): containerd-1.7.17-150000.111.3 openSUSE Leap 15.5 (src): containerd-1.7.17-150000.111.3 openSUSE Leap 15.6 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro for Rancher 5.3 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro 5.3 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro for Rancher 5.4 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro 5.4 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro 5.5 (src): containerd-1.7.17-150000.111.3 Containers Module 15-SP5 (src): containerd-1.7.17-150000.111.3 Containers Module 15-SP6 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): containerd-1.7.17-150000.111.3 SUSE Enterprise Storage 7.1 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro 5.1 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro 5.2 (src): containerd-1.7.17-150000.111.3 SUSE Linux Enterprise Micro for Rancher 5.2 (src): containerd-1.7.17-150000.111.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.