{"id":"ALSA-2025:0308","summary":"Important: fence-agents security update","details":"The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.   \n\nSecurity Fix(es):  \n\n  * fence-agents: Jinja has a sandbox breakout through indirect reference to format method [almalinux-9.5.z] (CVE-2024-56326)\n  * fence-agents: Jinja has a sandbox breakout through malicious filenames [almalinux-9.5.z] (CVE-2024-56201)\n\n\n","modified":"2026-02-04T04:37:04.061746Z","published":"2025-01-14T00:00:00Z","related":["CVE-2024-56201","CVE-2024-56326"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:0308"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-56201"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-56326"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2025-0308.html"}],"affected":[{"package":{"name":"fence-agents-common","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-agents-compute","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-compute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-agents-ibm-powervs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-ibm-powervs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-agents-ibm-vpc","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-ibm-vpc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-agents-kubevirt","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-kubevirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-agents-virsh","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-agents-virsh"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virt","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd-cpg","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd-cpg"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd-libvirt","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd-libvirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd-multicast","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd-multicast"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd-serial","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd-serial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}},{"package":{"name":"fence-virtd-tcp","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/fence-virtd-tcp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.0-76.el9_5.4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:0308.json"}}],"schema_version":"1.7.3"}