Bug 2317458 (CVE-2024-9675) - CVE-2024-9675 buildah: Buildah allows arbitrary directory mount
Summary: CVE-2024-9675 buildah: Buildah allows arbitrary directory mount
Keywords:
Status: NEW
Alias: CVE-2024-9675
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2317459 2317460 2317461 2317462 2317463 2317464 2317465 2317466
Blocks:
Reported: 2024-10-09 02:49 UTC by OSIDB Bzimport
Modified: 2025-04-11 10:53 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:8563 0 None None None 2024-10-29 09:12:15 UTC
Red Hat Product Errata RHSA-2024:8675 0 None None None 2024-10-30 14:36:30 UTC
Red Hat Product Errata RHSA-2024:8679 0 None None None 2024-10-30 19:49:03 UTC
Red Hat Product Errata RHSA-2024:8686 0 None None None 2024-11-06 03:42:59 UTC
Red Hat Product Errata RHSA-2024:8690 0 None None None 2024-11-06 14:48:19 UTC
Red Hat Product Errata RHSA-2024:8700 0 None None None 2024-11-08 15:00:21 UTC
Red Hat Product Errata RHSA-2024:8703 0 None None None 2024-10-31 11:16:39 UTC
Red Hat Product Errata RHSA-2024:8707 0 None None None 2024-10-31 13:42:39 UTC
Red Hat Product Errata RHSA-2024:8708 0 None None None 2024-10-31 13:35:24 UTC
Red Hat Product Errata RHSA-2024:8709 0 None None None 2024-10-31 13:53:58 UTC
Red Hat Product Errata RHSA-2024:8846 0 None None None 2024-11-05 03:54:57 UTC
Red Hat Product Errata RHSA-2024:8984 0 None None None 2024-11-13 04:23:53 UTC
Red Hat Product Errata RHSA-2024:8994 0 None None None 2024-11-13 18:51:09 UTC
Red Hat Product Errata RHSA-2024:9051 0 None None None 2024-11-11 01:27:15 UTC
Red Hat Product Errata RHSA-2024:9454 0 None None None 2024-11-12 11:12:12 UTC
Red Hat Product Errata RHSA-2024:9459 0 None None None 2024-11-12 11:13:19 UTC
Red Hat Product Errata RHSA-2025:2445 0 None None None 2025-03-12 17:40:01 UTC
Red Hat Product Errata RHSA-2025:2449 0 None None None 2025-03-11 02:08:18 UTC
Red Hat Product Errata RHSA-2025:2454 0 None None None 2025-03-13 05:47:03 UTC
Red Hat Product Errata RHSA-2025:2701 0 None None None 2025-03-20 07:01:51 UTC
Red Hat Product Errata RHSA-2025:2710 0 None None None 2025-03-19 20:55:03 UTC
Red Hat Product Errata RHSA-2025:3301 0 None None None 2025-04-03 00:21:35 UTC
Red Hat Product Errata RHSA-2025:3573 0 None None None 2025-04-10 21:37:20 UTC

Description OSIDB Bzimport 2024-10-09 02:49:15 UTC
Cache mounts (`--mount type=cache,id=...`) in Buildah and `podman build` do
not properly validate that user-specified paths for the cache are within
our cache directory, allowing a `RUN` instruction in a Containerfile to mount
an arbitrary directory from the host (read/write) into the container as
long as those files can be accessed by the user running Buildah. This
codepath automatically performs an SELinux relabel on the directory in
question to ensure the build has access to it, so SELinux does not stop this.
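The defect described above is a missing containment check: a user-controlled cache name is turned into a host path without confirming that the result stays under the cache directory. The following Go program is an added illustration of what such a check looks like from the defender's side; it is not Buildah's or Podman's code, and the page does not show how the real fix validates paths. The function names (SecureCachePath, isStrictDescendant, evalExistingPrefix), the error value and the sample cache names are assumptions of this example. It goes slightly beyond the description by checking twice: once lexically on the cleaned path, and again after resolving symlinks on whatever prefix already exists, since a pre-existing symlink inside the cache directory would otherwise defeat a purely lexical check.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscapesCacheRoot is returned when a requested cache path would not be a
// subdirectory of the cache root (hypothetical error value for this example).
var ErrEscapesCacheRoot = errors.New("cache path is not a subdirectory of the cache root")

// isStrictDescendant reports, lexically, whether candidate lies strictly below
// root. Both arguments must already be absolute and cleaned.
func isStrictDescendant(root, candidate string) bool {
	rel, err := filepath.Rel(root, candidate)
	if err != nil || rel == "." || rel == ".." {
		return false
	}
	return !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// evalExistingPrefix resolves symlinks on the longest existing prefix of p and
// re-appends the not-yet-created tail, so a cache directory that will only be
// created on first use can still be checked. p must be cleaned, so the tail
// cannot contain ".." components.
func evalExistingPrefix(p string) (string, error) {
	var tail []string
	for {
		resolved, err := filepath.EvalSymlinks(p)
		if err == nil {
			return filepath.Join(append([]string{resolved}, tail...)...), nil
		}
		if !errors.Is(err, os.ErrNotExist) {
			return "", err
		}
		parent, base := filepath.Split(p)
		parent = filepath.Clean(parent)
		if parent == p {
			return "", err // reached the filesystem root without finding anything
		}
		tail = append([]string{base}, tail...)
		p = parent
	}
}

// SecureCachePath maps a user-supplied cache name (assumed here to be the value
// a Containerfile passes as --mount type=cache,id=...) to a directory under
// cacheRoot and refuses anything that would land elsewhere on the host.
func SecureCachePath(cacheRoot, requested string) (string, error) {
	absRoot, err := filepath.Abs(cacheRoot)
	if err != nil {
		return "", err
	}
	// Join cleans the result, so an absolute request such as "/etc" becomes
	// <root>/etc rather than the host's /etc, and ".." segments are folded in.
	candidate := filepath.Join(absRoot, requested)
	if !isStrictDescendant(absRoot, candidate) {
		return "", fmt.Errorf("%w: %q", ErrEscapesCacheRoot, requested)
	}
	// Second check after symlink resolution: the cache root itself may be a
	// symlink (resolve it too), and a planted symlink under it must not be
	// allowed to redirect the mount outside.
	resolvedRoot, err := filepath.EvalSymlinks(absRoot)
	if err != nil {
		return "", err
	}
	resolved, err := evalExistingPrefix(candidate)
	if err != nil {
		return "", err
	}
	if !isStrictDescendant(resolvedRoot, resolved) {
		return "", fmt.Errorf("%w: %q resolves to %s", ErrEscapesCacheRoot, requested, resolved)
	}
	return candidate, nil
}

func main() {
	// Constructed sample: a throwaway cache root and a few cache names.
	root, err := os.MkdirTemp("", "cache-root-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	for _, req := range []string{"go-build", "/etc/ssl", "../../etc", "."} {
		p, err := SecureCachePath(root, req)
		fmt.Printf("%-12q -> %q %v\n", req, p, err)
	}
}
```

The returned path is the unresolved candidate, so the caller still creates and mounts a path spelled under the cache root; the resolved form is used only for the decision. Rejecting the cache root itself (the "." case) keeps one build from gaining a read/write view of every other build's cache.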

Comment 4 errata-xmlrpc 2024-10-29 09:12:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:8563 https://access.redhat.com/errata/RHSA-2024:8563

Comment 5 errata-xmlrpc 2024-10-30 14:36:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:8675 https://access.redhat.com/errata/RHSA-2024:8675

Comment 6 errata-xmlrpc 2024-10-30 19:49:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:8679 https://access.redhat.com/errata/RHSA-2024:8679

Comment 7 errata-xmlrpc 2024-10-31 11:16:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2024:8703 https://access.redhat.com/errata/RHSA-2024:8703

Comment 8 errata-xmlrpc 2024-10-31 13:35:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:8708 https://access.redhat.com/errata/RHSA-2024:8708

Comment 9 errata-xmlrpc 2024-10-31 13:42:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:8707 https://access.redhat.com/errata/RHSA-2024:8707

Comment 10 errata-xmlrpc 2024-10-31 13:53:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:8709 https://access.redhat.com/errata/RHSA-2024:8709

Comment 11 errata-xmlrpc 2024-11-05 03:54:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8846 https://access.redhat.com/errata/RHSA-2024:8846

Comment 12 errata-xmlrpc 2024-11-06 03:42:58 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2024:8686 https://access.redhat.com/errata/RHSA-2024:8686

Comment 13 errata-xmlrpc 2024-11-06 14:48:17 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2024:8690 https://access.redhat.com/errata/RHSA-2024:8690

Comment 14 errata-xmlrpc 2024-11-08 15:00:19 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2024:8700 https://access.redhat.com/errata/RHSA-2024:8700

Comment 15 errata-xmlrpc 2024-11-11 01:27:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9051 https://access.redhat.com/errata/RHSA-2024:9051

Comment 16 errata-xmlrpc 2024-11-12 11:12:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9454 https://access.redhat.com/errata/RHSA-2024:9454

Comment 17 errata-xmlrpc 2024-11-12 11:13:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9459 https://access.redhat.com/errata/RHSA-2024:9459

Comment 18 errata-xmlrpc 2024-11-13 04:23:51 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2024:8984 https://access.redhat.com/errata/RHSA-2024:8984

Comment 19 errata-xmlrpc 2024-11-13 18:51:08 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:8994 https://access.redhat.com/errata/RHSA-2024:8994

Comment 20 errata-xmlrpc 2025-03-11 02:08:17 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2025:2449 https://access.redhat.com/errata/RHSA-2025:2449

Comment 21 errata-xmlrpc 2025-03-12 17:39:59 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2025:2445 https://access.redhat.com/errata/RHSA-2025:2445

Comment 22 errata-xmlrpc 2025-03-13 05:47:02 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2025:2454 https://access.redhat.com/errata/RHSA-2025:2454

Comment 23 errata-xmlrpc 2025-03-19 20:55:02 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2025:2710 https://access.redhat.com/errata/RHSA-2025:2710

Comment 24 errata-xmlrpc 2025-03-20 07:01:50 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2025:2701 https://access.redhat.com/errata/RHSA-2025:2701

Comment 25 errata-xmlrpc 2025-04-03 00:21:34 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2025:3301 https://access.redhat.com/errata/RHSA-2025:3301

Comment 28 errata-xmlrpc 2025-04-10 21:37:19 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2025:3573 https://access.redhat.com/errata/RHSA-2025:3573

