Issued:: 2024-02-02
Updated:: 2024-02-02

RHSA-2024:0670 - Security Advisory

Overview
Updated Packages

Synopsis

Important: runc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for runc is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.

Security Fix(es):

runc: file descriptor leak (CVE-2024-21626)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

BZ - 2258725 - CVE-2024-21626 runc: file descriptor leak

CVEs

CVE-2024-21626

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
s390x
runc-1.1.12-1.el9_3.s390x.rpm	SHA-256: e1f126283c09e752262cf57745141312677e938b6f8d95a061b8827aae5ba20c
runc-debuginfo-1.1.12-1.el9_3.s390x.rpm	SHA-256: ec005fb62c7046e6b2389bb1b8ebfe90c6751b7fb0fda6a6a0c2a4656f83b8fe
runc-debugsource-1.1.12-1.el9_3.s390x.rpm	SHA-256: 2bdc94302e4c5a204a7594b9e562e93443b1ae687c237a9d36247803f4f9fd5d

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
s390x
runc-1.1.12-1.el9_3.s390x.rpm	SHA-256: e1f126283c09e752262cf57745141312677e938b6f8d95a061b8827aae5ba20c
runc-debuginfo-1.1.12-1.el9_3.s390x.rpm	SHA-256: ec005fb62c7046e6b2389bb1b8ebfe90c6751b7fb0fda6a6a0c2a4656f83b8fe
runc-debugsource-1.1.12-1.el9_3.s390x.rpm	SHA-256: 2bdc94302e4c5a204a7594b9e562e93443b1ae687c237a9d36247803f4f9fd5d

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
s390x
runc-1.1.12-1.el9_3.s390x.rpm	SHA-256: e1f126283c09e752262cf57745141312677e938b6f8d95a061b8827aae5ba20c
runc-debuginfo-1.1.12-1.el9_3.s390x.rpm	SHA-256: ec005fb62c7046e6b2389bb1b8ebfe90c6751b7fb0fda6a6a0c2a4656f83b8fe
runc-debugsource-1.1.12-1.el9_3.s390x.rpm	SHA-256: 2bdc94302e4c5a204a7594b9e562e93443b1ae687c237a9d36247803f4f9fd5d

Red Hat Enterprise Linux for Power, little endian 9

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
ppc64le
runc-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 3d6f9e06802ce8904e0cf60936861ebd7526a6c48e624b1931be456547dab718
runc-debuginfo-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 949f9692cdc7273f1eb574e9cdb6e3bd3641e9e864d186fd3c31ecc588dc3373
runc-debugsource-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 5805f857ea0022fdb17f24a27baf8c4a85c08ec6f1c592d57f18f0a41cb51ef3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
ppc64le
runc-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 3d6f9e06802ce8904e0cf60936861ebd7526a6c48e624b1931be456547dab718
runc-debuginfo-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 949f9692cdc7273f1eb574e9cdb6e3bd3641e9e864d186fd3c31ecc588dc3373
runc-debugsource-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 5805f857ea0022fdb17f24a27baf8c4a85c08ec6f1c592d57f18f0a41cb51ef3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
ppc64le
runc-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 3d6f9e06802ce8904e0cf60936861ebd7526a6c48e624b1931be456547dab718
runc-debuginfo-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 949f9692cdc7273f1eb574e9cdb6e3bd3641e9e864d186fd3c31ecc588dc3373
runc-debugsource-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 5805f857ea0022fdb17f24a27baf8c4a85c08ec6f1c592d57f18f0a41cb51ef3

Red Hat Enterprise Linux for ARM 64 9

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
aarch64
runc-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 65e8b6f9fa3ade041724c5efef18fabc24043a189fbe0478af8747161bc137dc
runc-debuginfo-1.1.12-1.el9_3.aarch64.rpm	SHA-256: dcf724ed1b0f6ed81f13d192eec8990fe5f323d72bdcf9c8ce5e3f3375d39d8b
runc-debugsource-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 50345336985aa6137c8625d20372525caf994e0e708ab9618300ca96ccfccba1

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
aarch64
runc-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 65e8b6f9fa3ade041724c5efef18fabc24043a189fbe0478af8747161bc137dc
runc-debuginfo-1.1.12-1.el9_3.aarch64.rpm	SHA-256: dcf724ed1b0f6ed81f13d192eec8990fe5f323d72bdcf9c8ce5e3f3375d39d8b
runc-debugsource-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 50345336985aa6137c8625d20372525caf994e0e708ab9618300ca96ccfccba1

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
aarch64
runc-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 65e8b6f9fa3ade041724c5efef18fabc24043a189fbe0478af8747161bc137dc
runc-debuginfo-1.1.12-1.el9_3.aarch64.rpm	SHA-256: dcf724ed1b0f6ed81f13d192eec8990fe5f323d72bdcf9c8ce5e3f3375d39d8b
runc-debugsource-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 50345336985aa6137c8625d20372525caf994e0e708ab9618300ca96ccfccba1

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
ppc64le
runc-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 3d6f9e06802ce8904e0cf60936861ebd7526a6c48e624b1931be456547dab718
runc-debuginfo-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 949f9692cdc7273f1eb574e9cdb6e3bd3641e9e864d186fd3c31ecc588dc3373
runc-debugsource-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 5805f857ea0022fdb17f24a27baf8c4a85c08ec6f1c592d57f18f0a41cb51ef3

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
ppc64le
runc-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 3d6f9e06802ce8904e0cf60936861ebd7526a6c48e624b1931be456547dab718
runc-debuginfo-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 949f9692cdc7273f1eb574e9cdb6e3bd3641e9e864d186fd3c31ecc588dc3373
runc-debugsource-1.1.12-1.el9_3.ppc64le.rpm	SHA-256: 5805f857ea0022fdb17f24a27baf8c4a85c08ec6f1c592d57f18f0a41cb51ef3

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
x86_64
runc-1.1.12-1.el9_3.x86_64.rpm	SHA-256: caebb54c66874cc2b34c5ec1875e46c1eaa9214819d9e42042db2badbbb3847d
runc-debuginfo-1.1.12-1.el9_3.x86_64.rpm	SHA-256: f5370e48089b4d30580260edbe74c072105da3c7fb461dab2f00528a02be0e00
runc-debugsource-1.1.12-1.el9_3.x86_64.rpm	SHA-256: 17f879fd43e3d5a8ac455870e87f753ef2ff8fa0564e7d7ea292772d81c94c77

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
aarch64
runc-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 65e8b6f9fa3ade041724c5efef18fabc24043a189fbe0478af8747161bc137dc
runc-debuginfo-1.1.12-1.el9_3.aarch64.rpm	SHA-256: dcf724ed1b0f6ed81f13d192eec8990fe5f323d72bdcf9c8ce5e3f3375d39d8b
runc-debugsource-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 50345336985aa6137c8625d20372525caf994e0e708ab9618300ca96ccfccba1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
aarch64
runc-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 65e8b6f9fa3ade041724c5efef18fabc24043a189fbe0478af8747161bc137dc
runc-debuginfo-1.1.12-1.el9_3.aarch64.rpm	SHA-256: dcf724ed1b0f6ed81f13d192eec8990fe5f323d72bdcf9c8ce5e3f3375d39d8b
runc-debugsource-1.1.12-1.el9_3.aarch64.rpm	SHA-256: 50345336985aa6137c8625d20372525caf994e0e708ab9618300ca96ccfccba1

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
s390x
runc-1.1.12-1.el9_3.s390x.rpm	SHA-256: e1f126283c09e752262cf57745141312677e938b6f8d95a061b8827aae5ba20c
runc-debuginfo-1.1.12-1.el9_3.s390x.rpm	SHA-256: ec005fb62c7046e6b2389bb1b8ebfe90c6751b7fb0fda6a6a0c2a4656f83b8fe
runc-debugsource-1.1.12-1.el9_3.s390x.rpm	SHA-256: 2bdc94302e4c5a204a7594b9e562e93443b1ae687c237a9d36247803f4f9fd5d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
runc-1.1.12-1.el9_3.src.rpm	SHA-256: 77be72f3bc2e644ac4e936826bc2aabb01353dad86227d84ce1e0623d6e31878
s390x
runc-1.1.12-1.el9_3.s390x.rpm	SHA-256: e1f126283c09e752262cf57745141312677e938b6f8d95a061b8827aae5ba20c
runc-debuginfo-1.1.12-1.el9_3.s390x.rpm	SHA-256: ec005fb62c7046e6b2389bb1b8ebfe90c6751b7fb0fda6a6a0c2a4656f83b8fe
runc-debugsource-1.1.12-1.el9_3.s390x.rpm	SHA-256: 2bdc94302e4c5a204a7594b9e562e93443b1ae687c237a9d36247803f4f9fd5d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.