Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2022:1689-1

UNKNOWN

Security update for containerd, docker

Published May 16, 2022

Modified 3 years ago

Fix available

Details

This update for containerd, docker fixes the following issues:

CVE-2022-24769: Fixed incorrect default inheritable capabilities (bsc#1197517).
CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).
CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server (bsc#1197284).
CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext packet (bsc#1193930).

Affected Packages

SUSE:Enterprise Storage 6containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Enterprise Storage 6containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Enterprise Storage 6docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Enterprise Storage 6docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Enterprise Storage 7containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Enterprise Storage 7containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Enterprise Storage 7docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Enterprise Storage 7docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Micro 5.0containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Micro 5.0docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Micro 5.1containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Micro 5.1docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Micro 5.2containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Micro 5.2docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Containers 15 SP3containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Module for Containers 15 SP3containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Module for Containers 15 SP3docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Containers 15 SP3docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Containers 15 SP3docker-fish-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Containers 15 SP4containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Module for Containers 15 SP4docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Containers 15 SP4docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Module for Package Hub 15 SP3containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Module for Package Hub 15 SP3containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLcontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLcontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP1-BCLdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP1-BCLdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP1-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP1-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP1-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP2-BCLcontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP2-BCLcontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP2-BCLdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP2-BCLdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP2-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP2-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15 SP2-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15 SP2-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15-LTSScontainerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15-LTSScontainerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server 15-LTSSdocker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server 15-LTSSdocker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP2docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Proxy 4.1containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Proxy 4.1containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Proxy 4.1docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Proxy 4.1docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Retail Branch Server 4.1containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Retail Branch Server 4.1containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Retail Branch Server 4.1docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Retail Branch Server 4.1docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Server 4.1containerd

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Server 4.1containerd-ctr

Fixed in:

1.5.11-150000.68.1

SUSE:Manager Server 4.1docker

Fixed in:

20.10.14_ce-150000.163.1

SUSE:Manager Server 4.1docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3containerd

Fixed in:

1.5.11-150000.68.1

openSUSE:Leap 15.3containerd-ctr

Fixed in:

1.5.11-150000.68.1

openSUSE:Leap 15.3docker

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-fish-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-kubic

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-kubic-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-kubic-fish-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-kubic-kubeadm-criconfig

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-kubic-zsh-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.3docker-zsh-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4containerd

Fixed in:

1.5.11-150000.68.1

openSUSE:Leap 15.4containerd-ctr

Fixed in:

1.5.11-150000.68.1

openSUSE:Leap 15.4docker

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-fish-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-kubic

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-kubic-bash-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-kubic-fish-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-kubic-kubeadm-criconfig

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-kubic-zsh-completion

Fixed in:

20.10.14_ce-150000.163.1

openSUSE:Leap 15.4docker-zsh-completion

Fixed in:

20.10.14_ce-150000.163.1

References

REPORThttps://bugzilla.suse.com/1193930 REPORThttps://bugzilla.suse.com/1196441 REPORThttps://bugzilla.suse.com/1197284 REPORThttps://bugzilla.suse.com/1197517 WEBhttps://www.suse.com/security/cve/CVE-2021-43565 WEBhttps://www.suse.com/security/cve/CVE-2022-23648 WEBhttps://www.suse.com/security/cve/CVE-2022-24769 WEBhttps://www.suse.com/security/cve/CVE-2022-27191 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20221689-1/

Upstream

CVE-2021-43565 CVE-2022-23648 CVE-2022-24769 CVE-2022-27191

Related

CVE-2021-43565 CVE-2022-23648 CVE-2022-24769 CVE-2022-27191

Ecosystems

SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Package Hub 15 SP3 SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-BCL SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 openSUSE Leap 15.3 openSUSE Leap 15.4

Timeline

PublishedMay 16, 2022

ModifiedMay 16, 2022

SUSE-SU-2022:1689-1 | Mondoo Vulnerability Intelligence