Vulnerabilities > CVE-2024-9675

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

buildah-project

redhat

NVD

Published: 2024-10-09

Updated: 2025-04-10

Summary

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

Vulnerable Configurations

Part	Description	Count
Application	Buildah_Project Buildah Project Buildah -	1
Application	Redhat Redhat Openshift Container Platform 4.13 Redhat Openshift Container Platform 4.14 Redhat Openshift Container Platform 4.16 Redhat Openshift Container Platform 4.17 Redhat Openshift Container Platform 4.15	5
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0 Redhat Enterprise Linux Server AUS 8.6 Redhat Enterprise Linux Server AUS 9.2 Redhat Enterprise Linux Server AUS 9.4 Redhat Enterprise Linux Server TUS 8.6 Redhat Enterprise Linux Server TUS 8.8 Redhat Enterprise Linux EUS 9.0 Redhat Enterprise Linux EUS 8.8 Redhat Enterprise Linux EUS 9.2 Redhat Enterprise Linux EUS 9.4 Redhat Enterprise Linux FOR Power Little Endian EUS 9.2_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian EUS 8.8_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian EUS 9.0_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian EUS 9.4_Ppc64Le Redhat Enterprise Linux FOR IBM Z Systems EUS 8.8_S390X Redhat Enterprise Linux FOR IBM Z Systems EUS 9.0_S390X Redhat Enterprise Linux FOR IBM Z Systems EUS 9.2_S390X Redhat Enterprise Linux FOR IBM Z Systems EUS 9.4_S390X Redhat Enterprise Linux FOR ARM 64 EUS 9.2_Aarch64 Redhat Enterprise Linux FOR ARM 64 EUS 8.8_Aarch64 Redhat Enterprise Linux FOR ARM 64 EUS 9.4_Aarch64 Redhat Enterprise Linux FOR ARM 64 EUS 9.0_Aarch64 Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 9.2_Ppc64Le Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 8.6_Ppc64Le Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 8.8_Ppc64Le Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 9.4_Ppc64Le Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 9.0_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian 8.0_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian 9.0_Ppc64Le Redhat Enterprise Linux FOR ARM 64 9.0_Aarch64 Redhat Enterprise Linux FOR ARM 64 8.0_Aarch64 Redhat Enterprise Linux FOR IBM Z Systems 8.0_S390X Redhat Enterprise Linux FOR IBM Z Systems 9.0_S390X Redhat Enterprise Linux Update Services FOR SAP Solutions 8.6 Redhat Enterprise Linux Update Services FOR SAP Solutions 8.8 Redhat Enterprise Linux Update Services FOR SAP Solutions 9.0 Redhat Enterprise Linux Update Services FOR SAP Solutions 9.2 Redhat Enterprise Linux Update Services FOR SAP Solutions 9.4	39

Vulnerabilities > CVE-2024-9675 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-9675"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2024-9675