docker-moby: Fix CVE-2024-36621 - linux/meta-virtualization.git - Mirror of git.yoctoproject.org/meta-virtualization

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-03-26 19:50:08 +0000
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2025-04-02 02:21:37 +0000
commit	5dfb3a6b222beb4239b1f62db6caa4868e2e9d46 (patch)
tree	d0fd75eac3d5b73676992e2f8b594d24be61858b /recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3.patch
parent	2bfcc55701824f37bf2d0dc3ef5f719d22e9919f (diff)
download	meta-virtualization-5dfb3a6b222beb4239b1f62db6caa4868e2e9d46.tar.gz

docker-moby: Fix CVE-2024-36621

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-36621 Upstream-patch: https://github.com/moby/moby/commit/37545cc644344dcb576cba67eb7b6f51a463d31e Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

Diffstat (limited to 'recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: