OpenCVE

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Redhat	Enterprise Linux Ocp Tools Openshift Quay Rhel Aus Rhel E4s Rhel Eus Rhel Tus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
container-tools:rhel8-8100020241023085649.afee755d	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:8846	2024-11-05T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
container-tools:rhel8-8060020241028154646.3b538bd8	cpe:/a:redhat:rhel_aus:8.6	RHSA-2024:8703	2024-10-31T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
container-tools:rhel8-8060020241028154646.3b538bd8	cpe:/a:redhat:rhel_tus:8.6	RHSA-2024:8703	2024-10-31T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
container-tools:rhel8-8060020241028154646.3b538bd8	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2024:8703	2024-10-31T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
container-tools:rhel8-8080020241025064551.0f77c1b7	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:8707	2024-10-31T00:00:00Z
Red Hat Enterprise Linux 9
buildah-2:1.33.10-1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:8563	2024-10-29T00:00:00Z
podman-4:4.9.4-16.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9051	2024-11-11T00:00:00Z
podman-4:5.2.2-9.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9454	2024-11-12T00:00:00Z
buildah-2:1.37.5-1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9459	2024-11-12T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
buildah-1:1.26.8-2.el9_0	cpe:/a:redhat:rhel_eus:9.0	RHSA-2024:8675	2024-10-30T00:00:00Z
podman-2:4.2.0-5.el9_0.2	cpe:/a:redhat:rhel_eus:9.0	RHSA-2024:8679	2024-10-30T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
buildah-1:1.29.4-1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:8708	2024-10-31T00:00:00Z
podman-2:4.4.1-21.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:8709	2024-10-31T00:00:00Z
Red Hat OpenShift Container Platform 4.13
podman-3:4.4.1-15.rhaos4.13.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:8690	2024-11-06T00:00:00Z
Red Hat OpenShift Container Platform 4.14
podman-3:4.4.1-21.rhaos4.14.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:8700	2024-11-08T00:00:00Z
Red Hat OpenShift Container Platform 4.15
podman-3:4.4.1-32.rhaos4.15.el9	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:8994	2024-11-13T00:00:00Z
Red Hat OpenShift Container Platform 4.16
podman-4:4.9.4-14.rhaos4.16.el9	cpe:/a:redhat:openshift:4.16::el8	RHSA-2024:8686	2024-11-06T00:00:00Z
Red Hat OpenShift Container Platform 4.17
podman-5:5.2.2-1.rhaos4.17.el9	cpe:/a:redhat:openshift:4.17::el8	RHSA-2024:8984	2024-11-13T00:00:00Z

References

Link	Providers
https://access.redhat.com/errata/RHSA-2024:8563
https://access.redhat.com/errata/RHSA-2024:8675
https://access.redhat.com/errata/RHSA-2024:8679
https://access.redhat.com/errata/RHSA-2024:8686
https://access.redhat.com/errata/RHSA-2024:8690
https://access.redhat.com/errata/RHSA-2024:8700
https://access.redhat.com/errata/RHSA-2024:8703
https://access.redhat.com/errata/RHSA-2024:8707
https://access.redhat.com/errata/RHSA-2024:8708
https://access.redhat.com/errata/RHSA-2024:8709
https://access.redhat.com/errata/RHSA-2024:8846
https://access.redhat.com/errata/RHSA-2024:8984
https://access.redhat.com/errata/RHSA-2024:9051
https://access.redhat.com/errata/RHSA-2024:9454
https://access.redhat.com/errata/RHSA-2024:9459
https://access.redhat.com/security/cve/CVE-2024-9675
https://bugzilla.redhat.com/show_bug.cgi?id=2317458
https://nvd.nist.gov/vuln/detail/CVE-2024-9675
https://www.cve.org/CVERecord?id=CVE-2024-9675

History

Sat, 16 Nov 2024 02:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.15::el8

Wed, 13 Nov 2024 08:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9
References		https://access.redhat.com/errata/RHSA-2024:8984

Tue, 12 Nov 2024 17:45:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2024:9454 https://access.redhat.com/errata/RHSA-2024:9459

Mon, 11 Nov 2024 17:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.14::el9
References		https://access.redhat.com/errata/RHSA-2024:8700 https://access.redhat.com/errata/RHSA-2024:9051

Sat, 09 Nov 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.14::el8

Wed, 06 Nov 2024 20:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
References		https://access.redhat.com/errata/RHSA-2024:8690

Wed, 06 Nov 2024 10:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9
References		https://access.redhat.com/errata/RHSA-2024:8686

Wed, 06 Nov 2024 02:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8

Tue, 05 Nov 2024 08:15:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:8::appstream
References		https://access.redhat.com/errata/RHSA-2024:8846

Fri, 01 Nov 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_tus:8.6

Thu, 31 Oct 2024 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus
CPEs		cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus:8.8::appstream cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Vendors & Products		Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus
References		https://access.redhat.com/errata/RHSA-2024:8703 https://access.redhat.com/errata/RHSA-2024:8707 https://access.redhat.com/errata/RHSA-2024:8708 https://access.redhat.com/errata/RHSA-2024:8709

Thu, 31 Oct 2024 02:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:9.0

Wed, 30 Oct 2024 23:00:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2024:8679

Wed, 30 Oct 2024 17:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.0::appstream
Vendors & Products		Redhat rhel Eus
References		https://access.redhat.com/errata/RHSA-2024:8675

Wed, 30 Oct 2024 06:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9::appstream
References		https://access.redhat.com/errata/RHSA-2024:8563

Wed, 30 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9

Wed, 16 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `Moderate`	threat_severity `Important`

Wed, 09 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 09 Oct 2024 14:45:00 +0000

Type	Values Removed	Values Added
Description	No description is available for this CVE.	A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
Title	buildah: Buildah allows arbitrary directory mount	Buildah: buildah allows arbitrary directory mount
First Time appeared		Redhat Redhat enterprise Linux Redhat ocp Tools Redhat openshift Redhat quay
CPEs		cpe:/a:redhat:ocp_tools cpe:/a:redhat:openshift:4 cpe:/a:redhat:quay:3 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux Redhat ocp Tools Redhat openshift Redhat quay
References		https://access.redhat.com/security/cve/CVE-2024-9675 https://bugzilla.redhat.com/show_bug.cgi?id=2317458

Wed, 09 Oct 2024 13:30:00 +0000

Type	Values Removed	Values Added
Description		No description is available for this CVE.
Title		buildah: Buildah allows arbitrary directory mount
Weaknesses		CWE-22
References		https://nvd.nist.gov/vuln/detail/CVE-2024-9675 https://www.cve.org/CVERecord?id=CVE-2024-9675
Metrics	threat_severity `None`	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}` threat_severity `Moderate`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-10-09T14:32:11.922Z

Updated: 2024-11-13T14:46:40.225Z

Reserved: 2024-10-09T02:47:50.357Z

Link: CVE-2024-9675

Vulnrichment

Updated: 2024-10-09T16:24:30.988Z

NVD

Status : Awaiting Analysis

Published: 2024-10-09T15:15:17.837

Modified: 2024-11-13T08:15:03.170

Link: CVE-2024-9675

Redhat

Severity : Important

Publid Date: 2024-10-09T00:00:00Z

Links: CVE-2024-9675 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object