REDHAT-BUG-2317458
First published: Wed Oct 09 2024(Updated: )
Cache mounts (`--mount type=cache,id=...`) in Buildah and `podman build` do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Containerfile to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. This codepath automatically performs an SELinux relabel on the directory in question to ensure the build has access to it, so SELinux does not stop this.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Buildah | ||
| Podman |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:8563
- https://access.redhat.com/errata/RHSA-2024:8675
- https://access.redhat.com/errata/RHSA-2024:8679
- https://access.redhat.com/errata/RHSA-2024:8703
- https://access.redhat.com/errata/RHSA-2024:8708
- https://access.redhat.com/errata/RHSA-2024:8707
- https://access.redhat.com/errata/RHSA-2024:8709
- https://access.redhat.com/errata/RHSA-2024:8846
- https://access.redhat.com/errata/RHSA-2024:8686
- https://access.redhat.com/errata/RHSA-2024:8690
- https://access.redhat.com/errata/RHSA-2024:8700
- https://access.redhat.com/errata/RHSA-2024:9051
- https://access.redhat.com/errata/RHSA-2024:9454
- https://access.redhat.com/errata/RHSA-2024:9459
- https://access.redhat.com/errata/RHSA-2024:8984
- https://access.redhat.com/errata/RHSA-2024:8994
- https://access.redhat.com/errata/RHSA-2025:2449
- https://access.redhat.com/errata/RHSA-2025:2445
- https://access.redhat.com/errata/RHSA-2025:2454
- https://access.redhat.com/errata/RHSA-2025:2710
- https://access.redhat.com/errata/RHSA-2025:2701
- https://access.redhat.com/errata/RHSA-2025:3301
- https://bugzilla.redhat.com/show_bug.cgi?id=2317458
Frequently Asked Questions
What is the severity of REDHAT-BUG-2317458?
The severity of REDHAT-BUG-2317458 is classified as critical.
How do I fix REDHAT-BUG-2317458?
To fix REDHAT-BUG-2317458, update to the latest version of Buildah or Podman where the vulnerability has been addressed.
What systems are affected by REDHAT-BUG-2317458?
REDHAT-BUG-2317458 affects Red Hat Buildah and Red Hat Podman.
Can REDHAT-BUG-2317458 lead to data exposure?
Yes, REDHAT-BUG-2317458 can potentially allow unauthorized access to arbitrary directories on the host.
What should I monitor for regarding REDHAT-BUG-2317458?
Monitor your container builds and ensure that the cache paths used are properly validated to mitigate potential risks from REDHAT-BUG-2317458.
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/severity
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/references
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-9675
- vendor/red hat
- canonical/buildah
- canonical/podman