We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Advisory GHSA-7p9f-6x8j-gxxp references a vulnerability in the following Go modules:
Description:
1.31.1, 1.30.6, 1.29.8
set enable_criu_support = false
enable_criu_support = false
Are there any links users can visit to find out more?
References:
Cross references:
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING modules: - module: github.com/cri-o/cri-o versions: - introduced: 1.30.0 - introduced: 1.31.0 non_go_versions: - fixed: 1.29.11 - fixed: 1.30.8 - fixed: 1.31.3 vulnerable_at: 1.31.2 summary: 'CRI-O: Maliciously structured checkpoint file can gain arbitrary node access in github.com/cri-o/cri-o' cves: - CVE-2024-8676 ghsas: - GHSA-7p9f-6x8j-gxxp references: - advisory: https://github.com/advisories/GHSA-7p9f-6x8j-gxxp - advisory: https://github.com/cri-o/cri-o/security/advisories/GHSA-7p9f-6x8j-gxxp - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-8676 - fix: https://github.com/cri-o/cri-o/commit/e8e7dcb7838d11b5157976bf3e31a5840bb77de7 - web: https://access.redhat.com/security/cve/CVE-2024-8676 - web: https://bugzilla.redhat.com/show_bug.cgi?id=2313842 source: id: GHSA-7p9f-6x8j-gxxp created: 2024-11-26T22:01:24.604637589Z review_status: UNREVIEWED
The text was updated successfully, but these errors were encountered:
Change https://go.dev/cl/633598 mentions this issue: data/reports: add 6 unreviewed reports
data/reports: add 6 unreviewed reports
Sorry, something went wrong.
9d72e77
No branches or pull requests
Advisory GHSA-7p9f-6x8j-gxxp references a vulnerability in the following Go modules:
Description:
Impact
Patches
1.31.1, 1.30.6, 1.29.8
Workarounds
set
enable_criu_support = false
References
Are there any links users can visit to find out more?
References:
Cross references:
See doc/quickstart.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: