Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled. SELinux enforces strict access controls by confining the build process (e.g., Podman) to specific domains like container_t. This prevents unauthorized access to sensitive host files and directories, even if a malicious Containerfile tries to exploit the --mount flag.
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Mon, 30 Jun 2025 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10 |
Thu, 08 May 2025 09:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs |
Wed, 16 Apr 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 10 Apr 2025 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 20 Mar 2025 07:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 20 Mar 2025 07:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
References |
|
Wed, 19 Mar 2025 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 19 Mar 2025 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 13 Mar 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 13 Mar 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
References |
|
Thu, 13 Mar 2025 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 13 Mar 2025 06:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 05 Mar 2025 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 05 Mar 2025 04:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 04 Mar 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.18::el8 cpe:/a:redhat:openshift:4.18::el9 |
|
References |
|
Thu, 27 Feb 2025 05:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
References |
|
Thu, 27 Feb 2025 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 20 Feb 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
References |
|
Fri, 14 Feb 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8 |
Thu, 13 Feb 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8::appstream | |
References |
|
Thu, 13 Feb 2025 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.6 |
Wed, 12 Feb 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 11 Feb 2025 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 11 Feb 2025 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.2::appstream | |
References |
|
Tue, 11 Feb 2025 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:8.8::appstream | |
References |
|
Mon, 10 Feb 2025 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel Tus |
|
References |
|
Mon, 10 Feb 2025 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift Ironic
|
|
CPEs | cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9 cpe:/a:redhat:openshift_ironic:4.16::el9 |
|
Vendors & Products |
Redhat openshift Ironic
|
|
References |
|
Mon, 10 Feb 2025 06:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 10 Feb 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream | |
Vendors & Products |
Redhat rhel Eus
|
|
References |
|
Mon, 10 Feb 2025 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel E4s
|
|
CPEs | cpe:/a:redhat:rhel_e4s:9.0::appstream | |
Vendors & Products |
Redhat rhel E4s
|
|
References |
|
Thu, 06 Feb 2025 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9 |
|
References |
|
Tue, 04 Feb 2025 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
References |
|
Tue, 04 Feb 2025 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::appstream | |
References |
|
Wed, 22 Jan 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 22 Jan 2025 05:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. | |
Title | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat openshift |
|
Weaknesses | CWE-269 | |
CPEs | cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat openshift |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-25T19:24:49.384Z
Reserved: 2024-11-14T13:11:49.476Z
Link: CVE-2024-11218

Updated: 2025-02-12T17:08:18.179Z

Status : Awaiting Analysis
Published: 2025-01-22T05:15:08.903
Modified: 2025-04-16T19:15:50.680
Link: CVE-2024-11218


No data.