First published: Wed Oct 09 2024(Updated: )
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
go/github.com/containers/buildah | <1.38.0 | 1.38.0 |
Buildah | ||
Red Hat OpenShift Container Platform | =4.13 | |
Red Hat OpenShift Container Platform | =4.14 | |
Red Hat OpenShift Container Platform | =4.15 | |
Red Hat OpenShift Container Platform | =4.16 | |
Red Hat OpenShift Container Platform | =4.17 | |
Red Hat Enterprise Linux | =8.0 | |
Red Hat Enterprise Linux | =9.0 | |
Red Hat Enterprise Linux Server EUS | =8.8 | |
Red Hat Enterprise Linux Server EUS | =9.0 | |
Red Hat Enterprise Linux Server EUS | =9.2 | |
Red Hat Enterprise Linux Server EUS | =9.4 | |
Red Hat Enterprise Linux | =8.0_aarch64 | |
Red Hat Enterprise Linux | =9.0_aarch64 | |
Red Hat Enterprise Linux for ARM64 EUS | =8.8_aarch64 | |
Red Hat Enterprise Linux for ARM64 EUS | =9.0_aarch64 | |
Red Hat Enterprise Linux for ARM64 EUS | =9.2_aarch64 | |
Red Hat Enterprise Linux for ARM64 EUS | =9.4_aarch64 | |
Red Hat Enterprise Linux for IBM Z Systems | =8.0_s390x | |
Red Hat Enterprise Linux for IBM Z Systems | =9.0_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.8_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.0_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.2_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.4_s390x | |
Red Hat Enterprise Linux for Power, little endian | =8.0_ppc64le | |
Red Hat Enterprise Linux for Power, little endian | =9.0_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.8_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.0_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.2_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.4_ppc64le | |
Red Hat Enterprise Linux Server | =8.6 | |
Red Hat Enterprise Linux Server | =9.2 | |
Red Hat Enterprise Linux Server | =9.4 | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.6_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.8_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =9.0_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =9.2_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =9.4_ppc64le | |
Red Hat Enterprise Linux Server | =8.6 | |
Red Hat Enterprise Linux Server | =8.8 | |
Red Hat Enterprise Linux for SAP Solutions | =8.6 | |
Red Hat Enterprise Linux for SAP Solutions | =8.8 | |
Red Hat Enterprise Linux for SAP Solutions | =9.0 | |
Red Hat Enterprise Linux for SAP Solutions | =9.2 | |
Red Hat Enterprise Linux for SAP Solutions | =9.4 | |
=4.13 | ||
=4.14 | ||
=4.15 | ||
=4.16 | ||
=4.17 | ||
=8.0 | ||
=9.0 | ||
=8.8 | ||
=9.0 | ||
=9.2 | ||
=9.4 | ||
=8.0_aarch64 | ||
=9.0_aarch64 | ||
=8.8_aarch64 | ||
=9.0_aarch64 | ||
=9.2_aarch64 | ||
=9.4_aarch64 | ||
=8.0_s390x | ||
=9.0_s390x | ||
=8.8_s390x | ||
=9.0_s390x | ||
=9.2_s390x | ||
=9.4_s390x | ||
=8.0_ppc64le | ||
=9.0_ppc64le | ||
=8.8_ppc64le | ||
=9.0_ppc64le | ||
=9.2_ppc64le | ||
=9.4_ppc64le | ||
=8.6 | ||
=9.2 | ||
=9.4 | ||
=8.6_ppc64le | ||
=8.8_ppc64le | ||
=9.0_ppc64le | ||
=9.2_ppc64le | ||
=9.4_ppc64le | ||
=8.6 | ||
=8.8 | ||
=8.6 | ||
=8.8 | ||
=9.0 | ||
=9.2 | ||
=9.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-9675 is considered a critical severity vulnerability due to its potential exploitation allowing unauthorized access to sensitive file paths.
To remediate CVE-2024-9675, update to Buildah version 1.38.0 or later which includes the necessary patches.
CVE-2024-9675 affects Buildah and various versions of Red Hat OpenShift and Red Hat Enterprise Linux.
Exploitation of CVE-2024-9675 allows an attacker to mount arbitrary directories from the host to the container with read and write access.
CVE-2024-9675 is classified as a local vulnerability, requiring access to the host system to exploit.