CVE-2024-9341

EUVD-2024-3079

01.10.2024, 19:15

A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.

Link Following

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.4 MEDIUM	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
redhat	CNA	5.4 MEDIUM	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 75%

Affected Products (NVD)

Vendor	Product	Version
containers	common	*
redhat	openshift_container_platform	4.12
redhat	openshift_container_platform	4.13
redhat	openshift_container_platform	4.14
redhat	openshift_container_platform	4.15
redhat	openshift_container_platform	4.16
redhat	openshift_container_platform	4.17
redhat	enterprise_linux	8.0
redhat	enterprise_linux	9.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

golang-github-containers-common

bookworm	no-dsa
bullseye	postponed
forky	0.66.0+ds2-3 fixed
sid	0.66.0+ds2-3 fixed
trixie	0.62.2+ds1-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

golang-github-containers-common

focal	dne
jammy	needs-triage
noble	needs-triage
oracular	ignored
plucky	needs-triage
questing	needs-triage

Common Weakness Enumeration

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References

https://access.redhat.com/errata/RHSA-2024:10147

https://access.redhat.com/errata/RHSA-2024:10818

https://access.redhat.com/errata/RHSA-2024:7925

https://access.redhat.com/errata/RHSA-2024:8039

https://access.redhat.com/errata/RHSA-2024:8112

https://access.redhat.com/errata/RHSA-2024:8238

https://access.redhat.com/errata/RHSA-2024:8263

https://access.redhat.com/errata/RHSA-2024:8428

https://access.redhat.com/errata/RHSA-2024:8690

https://access.redhat.com/errata/RHSA-2024:8694

https://access.redhat.com/errata/RHSA-2024:8846

https://access.redhat.com/errata/RHSA-2024:9454

https://access.redhat.com/errata/RHSA-2024:9459

https://access.redhat.com/security/cve/CVE-2024-9341

https://bugzilla.redhat.com/show_bug.cgi?id=2315691

https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169

https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349