{"id":"RHSA-2020:1650","summary":"Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update","modified":"2026-03-11T07:27:12.696562Z","published":"2024-09-16T03:17:28Z","upstream":["CVE-2019-19921","CVE-2020-1702","CVE-2020-1726"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:1650"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1703245"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1717357"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1731107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732704"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732713"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748519"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749999"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1754744"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1754763"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1755119"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1756919"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757693"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757845"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1766774"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768930"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1769469"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1771990"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1774755"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1775307"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776112"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779834"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1783267"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1783268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1783270"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1783272"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1783274"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1784267"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1784952"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788539"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1792796"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793084"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793598"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801152"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802907"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1803496"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1804849"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1805017"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1805212"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1806901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808707"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1810053"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811514"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813295"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1650.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-19921"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-19921"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19921"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-1702"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-1702"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1702"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-1726"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-1726"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1726"}],"affected":[{"package":{"name":"buildah","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/buildah"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.11.6-7.module+el8.2.0+5856+b8046c6d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"buildah-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/buildah-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.11.6-7.module+el8.2.0+5856+b8046c6d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"buildah-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/buildah-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.11.6-7.module+el8.2.0+5856+b8046c6d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"buildah-tests","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/buildah-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.11.6-7.module+el8.2.0+5856+b8046c6d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"buildah-tests-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/buildah-tests-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.11.6-7.module+el8.2.0+5856+b8046c6d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"cockpit-podman","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cockpit-podman"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12-1.module+el8.2.0+5950+6d183a6a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"conmon","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/conmon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.0.6-1.module+el8.2.0+5182+3136e5d4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"container-selinux","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/container-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.124.0-1.module+el8.2.0+5182+3136e5d4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"containernetworking-plugins","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/containernetworking-plugins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.8.3-5.module+el8.2.0+5201+6b31f0d9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"containernetworking-plugins-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/containernetworking-plugins-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.8.3-5.module+el8.2.0+5201+6b31f0d9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"containernetworking-plugins-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/containernetworking-plugins-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.8.3-5.module+el8.2.0+5201+6b31f0d9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"containers-common","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/containers-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.1.40-10.module+el8.2.0+5955+6cd70ceb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"crit","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/crit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12-9.module+el8.2.0+5029+3ac48e7d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"criu","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/criu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12-9.module+el8.2.0+5029+3ac48e7d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"criu-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/criu-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12-9.module+el8.2.0+5029+3ac48e7d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"criu-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/criu-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12-9.module+el8.2.0+5029+3ac48e7d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"fuse-overlayfs","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/fuse-overlayfs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.7.2-5.module+el8.2.0+6060+9dbc027d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"fuse-overlayfs-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/fuse-overlayfs-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.7.2-5.module+el8.2.0+6060+9dbc027d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"fuse-overlayfs-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/fuse-overlayfs-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.7.2-5.module+el8.2.0+6060+9dbc027d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-docker","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-docker"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-remote","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-remote-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-remote-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"podman-tests","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/podman-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-10.module+el8.2.0+6063+e761893a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"python-podman-api","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python-podman-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.0-0.2.gitd0a45fe.module+el8.2.0+5201+6b31f0d9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"python3-criu","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3-criu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12-9.module+el8.2.0+5029+3ac48e7d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"runc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/runc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-65.rc10.module+el8.2.0+5762+aaee29fb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"runc-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/runc-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-65.rc10.module+el8.2.0+5762+aaee29fb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"runc-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/runc-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-65.rc10.module+el8.2.0+5762+aaee29fb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"skopeo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/skopeo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.1.40-10.module+el8.2.0+5955+6cd70ceb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"skopeo-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/skopeo-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.1.40-10.module+el8.2.0+5955+6cd70ceb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"skopeo-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/skopeo-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.1.40-10.module+el8.2.0+5955+6cd70ceb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"skopeo-tests","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/skopeo-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.1.40-10.module+el8.2.0+5955+6cd70ceb"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"slirp4netns","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slirp4netns"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.2-3.git21fdece.module+el8.2.0+5658+9a15711d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"slirp4netns-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slirp4netns-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.2-3.git21fdece.module+el8.2.0+5658+9a15711d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"slirp4netns-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slirp4netns-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.2-3.git21fdece.module+el8.2.0+5658+9a15711d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"toolbox","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/toolbox"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.0.7-1.module+el8.2.0+6096+9c3f08f3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}},{"package":{"name":"udica","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/udica"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.1-2.module+el8.2.0+4896+8f613c81"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:1650.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}