Buildah: buildah allows arbitrary directory mount
CVE-2024-9675
CVSS v3.1 base score: 4.4 (MEDIUM)
Key Information
- Vendor: Red Hat
- Status (affected products):
  - Red Hat Enterprise Linux 8
  - Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  - Red Hat Enterprise Linux 8.6 Telecommunications Update Service
  - Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions
- CVE Published: 9 October 2024
Summary
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache lie within the cache directory, allowing a `RUN` instruction in a Containerfile to mount an arbitrary directory from the host (read/write) into the container, as long as those files can be accessed by the user running Buildah.
Affected Version(s)
- Red Hat Enterprise Linux 8: <= 8100020241023085649.afee755d
- Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: <= 8060020241028154646.3b538bd8
- Red Hat Enterprise Linux 8.6 Telecommunications Update Service: <= 8060020241028154646.3b538bd8
CVSS v3.1
- Score: 4.4
- Severity: MEDIUM
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- Confidentiality: Low
- Integrity: Low
- Availability: None
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Timeline
- Reported to Red Hat.
- Vulnerability published.
Collectors
- NVD Database
- MITRE Database