Vulnerability CVE-2024-1753: Information
Description
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| buildah | sisyphus | 1.35.1-alt1 | 1.35.4-alt1 | ALT-PU-2024-4351-1 | 343349 | Fixed |
| buildah | sisyphus_riscv64 | 1.35.1-alt1 | 1.35.3-alt1 | ALT-PU-2024-4416-1 | - | Fixed |
| buildah | sisyphus_loongarch64 | 1.35.1-alt1.1 | 1.35.3-alt1 | ALT-PU-2024-4429-1 | - | Fixed |
| buildah | p10 | 1.34.3-alt0.p10 | 1.34.3-alt0.p10 | ALT-PU-2024-4646-2 | 343760 | Fixed |
| buildah | c10f1 | 1.34.3-alt0.p10 | 1.34.3-alt0.p10 | ALT-PU-2024-7024-3 | 345716 | Fixed |
| podman | sisyphus | 5.0.0-alt1 | 5.0.3-alt1 | ALT-PU-2024-4349-1 | 343349 | Fixed |
| podman | sisyphus_riscv64 | 5.0.0-alt1 | 5.0.2-alt1.1 | ALT-PU-2024-4415-1 | - | Fixed |
| podman | sisyphus_loongarch64 | 5.0.0-alt1 | 5.0.2-alt1.1 | ALT-PU-2024-4426-1 | - | Fixed |
| podman | p10 | 4.9.4-alt0.p10 | 4.9.4-alt0.p10 | ALT-PU-2024-4644-2 | 343760 | Fixed |