Bug 2262224 (CVE-2024-23651)
| Summary: | CVE-2024-23651 moby/buildkit: possible race condition with accessing subpaths from cache mounts | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | TEJ RATHI <trathi> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | adudiak, bdettelb, davidn, dfreiber, dhanak, drow, dsimansk, epacific, hkataria, jburrell, jcammara, jhardy, jneedle, jobarker, jwendell, kingland, kshier, kverlaen, luizcosta, mabashia, matzew, mnovotny, nweather, owatkins, pierdipi, rcernich, rguimara, rhuss, sdawley, simaishi, smcdonal, stcannon, teagle, tkral, twalsh, vkumar, yguenane, zmiele, zsadeh |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | buildkit 0.12.5 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A race condition issue was found in the Moby Builder Toolkit, stemming from a time-of-check/time-of-use (TOCTOU) vulnerability during cache volume mounting at container build time. Concurrent execution of two malicious build steps, sharing the same cache mounts with subpaths, may result in files from the host system being accessible to the build container. Successful exploitation could lead to a container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (for example, when using FROM).
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2258742 | ||
|
Description
TEJ RATHI
2024-02-01 09:56:25 UTC
|