CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache lie within Buildah's cache directory, allowing a `RUN` instruction in a Containerfile to mount an arbitrary directory from the host (read/write) into the container, as long as those files can be accessed by the user running Buildah.
Path Traversal
Provider   Type   Base Score   Atk. Vector   Atk. Complexity   Priv. Required   Vector
NIST       NIST   7.8 HIGH     LOCAL         LOW               LOW              CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
redhat     CNA    7.8 HIGH     LOCAL         LOW               LOW              CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADP   ADP    ---          ---

EPSS percentile: 21%
Vendor           Product                                                                           Versions
buildah_project  buildah                                                                           -
redhat           openshift_container_platform                                                      4.13, 4.14, 4.15, 4.16, 4.17
redhat           enterprise_linux                                                                  8.0, 9.0
redhat           enterprise_linux_eus                                                              8.8, 9.0, 9.2, 9.4
redhat           enterprise_linux_for_arm_64                                                       8.0, 9.0 (aarch64)
redhat           enterprise_linux_for_arm_64_eus                                                   8.8, 9.0, 9.2, 9.4 (aarch64)
redhat           enterprise_linux_for_ibm_z_systems                                                8.0, 9.0 (s390x)
redhat           enterprise_linux_for_ibm_z_systems_eus                                            8.8, 9.0, 9.2, 9.4 (s390x)
redhat           enterprise_linux_for_power_little_endian                                          8.0, 9.0 (ppc64le)
redhat           enterprise_linux_for_power_little_endian_eus                                      8.8, 9.0, 9.2, 9.4 (ppc64le)
redhat           enterprise_linux_server_aus                                                       8.6, 9.2, 9.4
redhat           enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.6, 8.8, 9.0, 9.2, 9.4 (ppc64le)
redhat           enterprise_linux_server_tus                                                       8.6, 8.8
redhat           enterprise_linux_update_services_for_sap_solutions                                8.6, 8.8, 9.0, 9.2, 9.4
Debian Releases
Product                            Codename   Version        Status
golang-github-containers-buildah   bullseye                  postponed
golang-github-containers-buildah   bookworm                  no-dsa
golang-github-containers-buildah   sid        1.39.3+ds1-1   fixed
golang-github-containers-buildah   trixie     1.39.3+ds1-1   fixed