{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-5154", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-05-20T20:46:53.974Z", "datePublished": "2024-06-12T08:51:43.565Z", "dateUpdated": "2025-11-20T08:19:11.952Z"}, "containers": {"cna": {"title": "Cri-o: malicious container can create symlink on host", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."}], "affected": [{"versions": [{"status": "affected", "version": "1.30.0", "lessThan": "1.30.1", "versionType": "semver"}, {"status": "affected", "version": "1.29.4", "lessThan": "1.29.5", "versionType": "semver"}, {"status": "affected", "version": "1.28.6", "lessThan": "1.28.7", "versionType": "semver"}], "packageName": "cri-o", "collectionURL": "https://github.com/cri-o/cri-o", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.25.5-21.2.rhaos4.12.gita3eb75f.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.12::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.13", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.26.5-18.2.rhaos4.13.git2e90133.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.13::el9", "cpe:/a:redhat:openshift:4.13::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.27.7-3.rhaos4.14.git674563e.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.28.7-2.rhaos4.15.git111aec5.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.15::el9", "cpe:/a:redhat:openshift:4.15::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-427.24.1.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openshift", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0-202406191607.p0.g58452d8.assembly.stream.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhcos", "defaultStatus": "affected", "versions": [{"version": "417.94.202412040832-0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "container-tools:rhel8/podman", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "conmon", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 3.11", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:openshift:3.11"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:10818", "name": "RHSA-2024:10818", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3676", "name": "RHSA-2024:3676", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3700", "name": "RHSA-2024:3700", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4008", "name": "RHSA-2024:4008", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4159", "name": "RHSA-2024:4159", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4486", "name": "RHSA-2024:4486", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5154", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190", "name": "RHBZ#2280190", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"}], "datePublic": "2024-05-27T18:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "workarounds": [{"lang": "en", "value": "There is no mitigation available for this vulnerability, a package update is required."}], "timeline": [{"lang": "en", "time": "2024-05-10T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-27T18:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Erik Sj\u00f6lund (erik.sjolund@gmail.com) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-11-20T08:19:11.952Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-13T20:15:38.501353Z", "id": "CVE-2024-5154", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-13T20:15:45.221Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:03:11.031Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:3676", "name": "RHSA-2024:3676", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3700", "name": "RHSA-2024:3700", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4008", "name": "RHSA-2024:4008", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4486", "name": "RHSA-2024:4486", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5154", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190", "name": "RHBZ#2280190", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:3676", "name": "RHSA-2024:3676", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3700", "name": "RHSA-2024:3700", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4008", "name": "RHSA-2024:4008", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4486", "name": "RHSA-2024:4486", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5154", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190", "name": "RHBZ#2280190", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:03:11.031Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5154", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-13T20:15:38.501353Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-13T20:15:42.950Z"}}], "cna": {"title": "Cri-o: malicious container can create symlink on host", "credits": [{"lang": "en", "value": "Red Hat would like to thank Erik Sj\u00f6lund (erik.sjolund@gmail.com) for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"versions": [{"status": "affected", "version": "1.30.0", "lessThan": "1.30.1", "versionType": "semver"}, {"status": "affected", "version": "1.29.4", "lessThan": "1.29.5", "versionType": "semver"}, {"status": "affected", "version": "1.28.6", "lessThan": "1.28.7", "versionType": "semver"}], "packageName": "cri-o", "collectionURL": "https://github.com/cri-o/cri-o", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:openshift:4.12::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "versions": [{"status": "unaffected", "version": "0:1.25.5-21.2.rhaos4.12.gita3eb75f.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.13::el9", "cpe:/a:redhat:openshift:4.13::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.13", "versions": [{"status": "unaffected", "version": "0:1.26.5-18.2.rhaos4.13.git2e90133.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "versions": [{"status": "unaffected", "version": "0:1.27.7-3.rhaos4.14.git674563e.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.15::el9", "cpe:/a:redhat:openshift:4.15::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "versions": [{"status": "unaffected", "version": "0:1.28.7-2.rhaos4.15.git111aec5.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "0:5.14.0-427.24.1.el9_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "kernel", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el8", "cpe:/a:redhat:openshift:4.16::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "0:4.16.0-202406191607.p0.g58452d8.assembly.stream.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "openshift", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.17::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "versions": [{"status": "unaffected", "version": "417.94.202412040832-0", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhcos", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "container-tools:rhel8/podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "conmon", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:openshift:3.11"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 3.11", "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}], "timeline": [{"lang": "en", "time": "2024-05-10T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-27T18:00:00+00:00", "value": "Made public."}], "datePublic": "2024-05-27T18:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:10818", "name": "RHSA-2024:10818", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3676", "name": "RHSA-2024:3676", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:3700", "name": "RHSA-2024:3700", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4008", "name": "RHSA-2024:4008", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4159", "name": "RHSA-2024:4159", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4486", "name": "RHSA-2024:4486", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5154", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190", "name": "RHBZ#2280190", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"}], "workarounds": [{"lang": "en", "value": "There is no mitigation available for this vulnerability, a package update is required."}], "descriptions": [{"lang": "en", "value": "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-11-20T08:19:11.952Z"}, "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}}, "cveMetadata": {"cveId": "CVE-2024-5154", "state": "PUBLISHED", "dateUpdated": "2025-11-20T08:19:11.952Z", "dateReserved": "2024-05-20T20:46:53.974Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-06-12T08:51:43.565Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:cri-o:1.28.6:*:*:*:*:*:*:*", "matchCriteriaId": "5B2B5E94-63E3-4389-9E60-42C1994261BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:cri-o:1.29.4:*:*:*:*:*:*:*", "matchCriteriaId": "14FB1E55-19A8-4938-8D0B-C5A4F6251023", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:cri-o:1.30.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC775014-0A15-4E70-A968-AAD7181254E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "4716808D-67EB-4E14-9910-B248A500FAFA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."}, {"lang": "es", "value": "Se encontr\u00f3 un defecto en cri-o. Un contenedor malicioso puede crear un enlace simb\u00f3lico que apunte a un directorio o archivo arbitrario en el host mediante el directory traversal (\u201c../\u201d). Esta falla permite que el contenedor lea y escriba en archivos arbitrarios en el sistema host."}], "id": "CVE-2024-5154", "lastModified": "2025-06-23T14:15:26.073", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 5.8, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2024-06-12T09:15:19.973", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:10818"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:3676"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:3700"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:4008"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4159"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:4486"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2024-5154"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:3676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:3700"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:4008"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:4486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2024-5154"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Erik Sj\u00f6lund (erik.sjolund@gmail.com) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2024:4008", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "cri-o-0:1.25.5-21.2.rhaos4.12.gita3eb75f.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:4486", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "cri-o-0:1.26.5-18.2.rhaos4.13.git2e90133.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:3700", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "cri-o-0:1.27.7-3.rhaos4.14.git674563e.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-13T00:00:00Z"}, {"advisory": "RHSA-2024:3676", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "cri-o-0:1.28.7-2.rhaos4.15.git111aec5.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-06-11T00:00:00Z"}, {"advisory": "RHSA-2024:4159", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "cri-o-0:1.29.5-7.rhaos4.16.git7db4ada.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-03T00:00:00Z"}, {"advisory": "RHSA-2024:4159", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "kernel-0:5.14.0-427.24.1.el9_4", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-03T00:00:00Z"}, {"advisory": "RHSA-2024:4159", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "openshift-0:4.16.0-202406191607.p0.g58452d8.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-03T00:00:00Z"}, {"advisory": "RHSA-2024:10818", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "rhcos-417.94.202412040832-0", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-12-11T00:00:00Z"}], "bugzilla": {"description": "cri-o: malicious container can create symlink on host", "id": "2280190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280190"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-22", "details": ["A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system.", "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."], "mitigation": {"lang": "en:us", "value": "There is no mitigation available for this vulnerability, a package update is required."}, "name": "CVE-2024-5154", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:rhel8/podman", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "conmon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "cri-o", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2024-05-27T18:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-5154\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-5154\nhttps://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"], "statement": "Red Hat OpenShift Container Platform (OCP) includes the vulnerable cri-o library, however it does not load untrusted container, therefore impact is reduced to Important.", "threat_severity": "Important"}

{}