podman: Multiple Vulnerabilities — GLSA 202407-12

Multiple vulnerabilities have been discovered in Podman, the worst of which could lead to privilege escalation.

Affected packages

Background

Podman is a tool for managing OCI containers and pods with a Docker-compatible CLI.

Description

Please review the referenced CVE identifiers for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-containers/podman-4.9.4"
 

References

• CVE-2021-4024
• CVE-2022-2989
• CVE-2023-0778
• CVE-2023-48795
• CVE-2024-1753
• CVE-2024-23651
• CVE-2024-23652
• CVE-2024-23653
• CVE-2024-24786

Release date
July 05, 2024

Latest revision
July 05, 2024: 1

Severity
high

Exploitable
local

Bugzilla entries

• 829896
• 870931
• 896372
• 921290
• 923751
• 927500
• 927501