INFCSA-2024:11216: containernetworking-plugins security update
Information about definition
Identificator: INFCSA-2024:11216
Type: security
Release date: 2025-09-24 19:14:06 UTC
Information about package
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Vulnerabilities description
- CVE-2024-34156
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-34156
|
no information | 7.5 | no information |
Updated packages
Preparing to download...