Podman Vulnerability Leads to Memory-Based Denial of Service
CVE-2024-3056

7.7HIGH

Key Information:

Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Vendor
CVE Published:
2 August 2024

What is CVE-2024-3056?

A vulnerability exists in Podman that can be exploited by attackers to create specially crafted containers configured to share IPC resources with other containers. This flaw can lead to the creation of excessive IPC resources in the /dev/shm directory, causing the system to exhaust its memory. When a malicious container is initiated, it may repeatedly consume memory until it is out-of-memory killed. However, the IPC resources it generated remain tied to the IPC namespace, which persists as long as at least one non-malicious container holds the namespace open. By automatically restarting the malicious container, attackers can continuously leverage this vulnerability, leading to significant memory depletion and potential denial of service for the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/security/cve/CVE-2024-3056
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2270717
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

JSON
.