A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
References
Link Providers
https://access.redhat.com/errata/RHSA-2024:2049 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2055 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2064 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2066 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2077 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2084 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2089 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2090 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2097 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2098 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2548 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2645 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2669 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2672 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2784 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2877 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3254 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-1753 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2265513 cve-icon cve-icon
https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf cve-icon cve-icon cve-icon
https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 cve-icon cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/[email protected]/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/ cve-icon
https://lists.fedoraproject.org/archives/list/[email protected]/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/ cve-icon
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/ cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-1753 cve-icon
https://pkg.go.dev/vuln/GO-2024-2658 cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-1753 cve-icon
History

Tue, 26 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
References

Sun, 24 Nov 2024 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269

Fri, 22 Nov 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-59

Fri, 22 Nov 2024 12:00:00 +0000


Wed, 06 Nov 2024 15:15:00 +0000


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-03-18T14:23:44.213Z

Updated: 2024-11-26T19:55:15.725Z

Reserved: 2024-02-22T14:42:20.623Z

Link: CVE-2024-1753

cve-icon Vulnrichment

Updated: 2024-08-01T18:48:22.005Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-18T15:15:41.170

Modified: 2024-11-26T20:15:26.237

Link: CVE-2024-1753

cve-icon Redhat

Severity : Important

Publid Date: 2024-03-18T00:00:00Z

Links: CVE-2024-1753 - Bugzilla