suse-su-2022:4607-1
Vulnerability from csaf_suse
Published
2022-12-22 08:52
Modified
2022-12-22 08:52
Summary
Security update for conmon
Notes
Title of the patch
Security update for conmon
Description of the patch
This update for conmon fixes the following issues:
conmon was updated to version 2.1.5:
* don't leak syslog_identifier
* logging: do not read more that the buf size
* logging: fix error handling
* Makefile: Fix install for FreeBSD
* signal: Track changes to get_signal_descriptor in the FreeBSD version
* Packit: initial enablement
Update to version 2.1.4:
* Fix a bug where conmon crashed when it got a SIGCHLD
update to 2.1.3:
* Stop using g_unix_signal_add() to avoid threads
* Rename CLI optionlog-size-global-max to log-global-size-max
Update to version 2.1.2:
* add log-global-size-max option to limit the total output conmon processes (CVE-2022-1708 bsc#1200285)
* journald: print tag and name if both are specified
* drop some logs to debug level
Update to version 2.1.0
* logging: buffer partial messages to journald
* exit: close all fds >= 3
* fix: cgroup: Free memory_cgroup_file_path if open fails.
Update to version 2.0.32
* Fix: Avoid mainfd_std{in,out} sharing the same file descriptor.
* exit_command: Fix: unset subreaper attribute before running exit command
Update to version 2.0.31
* logging: new mode -l passthrough
* ctr_logs: use container name or ID as SYSLOG_IDENTIFIER for journald
* conmon: Fix: free userdata files before exec cleanup
Patchnames
SUSE-2022-4607,SUSE-SLE-Module-Containers-15-SP3-2022-4607,SUSE-SUSE-MicroOS-5.1-2022-4607,SUSE-SUSE-MicroOS-5.2-2022-4607,SUSE-Storage-7.1-2022-4607,openSUSE-Leap-Micro-5.2-2022-4607,openSUSE-SLE-15.3-2022-4607
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for conmon",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for conmon fixes the following issues:\n\nconmon was updated to version 2.1.5:\n\n* don\u0027t leak syslog_identifier\n* logging: do not read more that the buf size\n* logging: fix error handling\n* Makefile: Fix install for FreeBSD\n* signal: Track changes to get_signal_descriptor in the FreeBSD version\n* Packit: initial enablement\n\nUpdate to version 2.1.4:\n\n* Fix a bug where conmon crashed when it got a SIGCHLD\n\nupdate to 2.1.3:\n\n* Stop using g_unix_signal_add() to avoid threads\n* Rename CLI optionlog-size-global-max to log-global-size-max \n\nUpdate to version 2.1.2:\n\n* add log-global-size-max option to limit the total output conmon processes (CVE-2022-1708 bsc#1200285)\n* journald: print tag and name if both are specified\n* drop some logs to debug level\n\nUpdate to version 2.1.0\n\n* logging: buffer partial messages to journald\n* exit: close all fds \u003e= 3\n* fix: cgroup: Free memory_cgroup_file_path if open fails.\n\nUpdate to version 2.0.32\n\n* Fix: Avoid mainfd_std{in,out} sharing the same file descriptor.\n* exit_command: Fix: unset subreaper attribute before running exit command\n\nUpdate to version 2.0.31\n* logging: new mode -l passthrough\n* ctr_logs: use container name or ID as SYSLOG_IDENTIFIER for journald\n* conmon: Fix: free userdata files before exec cleanup\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4607,SUSE-SLE-Module-Containers-15-SP3-2022-4607,SUSE-SUSE-MicroOS-5.1-2022-4607,SUSE-SUSE-MicroOS-5.2-2022-4607,SUSE-Storage-7.1-2022-4607,openSUSE-Leap-Micro-5.2-2022-4607,openSUSE-SLE-15.3-2022-4607",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4607-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4607-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224607-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4607-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013327.html"
},
{
"category": "self",
"summary": "SUSE Bug 1200285",
"url": "https://bugzilla.suse.com/1200285"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1708/"
}
],
"title": "Security update for conmon",
"tracking": {
"current_release_date": "2022-12-22T08:52:49Z",
"generator": {
"date": "2022-12-22T08:52:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4607-1",
"initial_release_date": "2022-12-22T08:52:49Z",
"revision_history": [
{
"date": "2022-12-22T08:52:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.1.5-150300.8.6.1.aarch64",
"product": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64",
"product_id": "conmon-2.1.5-150300.8.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.1.5-150300.8.6.1.i586",
"product": {
"name": "conmon-2.1.5-150300.8.6.1.i586",
"product_id": "conmon-2.1.5-150300.8.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.1.5-150300.8.6.1.ppc64le",
"product": {
"name": "conmon-2.1.5-150300.8.6.1.ppc64le",
"product_id": "conmon-2.1.5-150300.8.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.1.5-150300.8.6.1.s390x",
"product": {
"name": "conmon-2.1.5-150300.8.6.1.s390x",
"product_id": "conmon-2.1.5-150300.8.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.1.5-150300.8.6.1.x86_64",
"product": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64",
"product_id": "conmon-2.1.5-150300.8.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.ppc64le"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.s390x"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.s390x"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.s390x"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.aarch64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.ppc64le"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.s390x"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.1.5-150300.8.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.x86_64"
},
"product_reference": "conmon-2.1.5-150300.8.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1708"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.s390x",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1708",
"url": "https://www.suse.com/security/cve/CVE-2022-1708"
},
{
"category": "external",
"summary": "SUSE Bug 1200285 for CVE-2022-1708",
"url": "https://bugzilla.suse.com/1200285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.s390x",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Enterprise Storage 7.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.s390x",
"openSUSE Leap 15.3:conmon-2.1.5-150300.8.6.1.x86_64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.aarch64",
"openSUSE Leap Micro 5.2:conmon-2.1.5-150300.8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-22T08:52:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-1708"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…