A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
History

Wed, 27 Nov 2024 02:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8

Tue, 26 Nov 2024 08:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:8::appstream
References

Mon, 25 Nov 2024 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat openshift Container Platform
Redhat openshift Container Platform For Arm64
Redhat openshift Container Platform For Ibm Z
Redhat openshift Container Platform For Linuxone
Redhat openshift Container Platform For Power
CPEs cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*
Vendors & Products Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat openshift Container Platform
Redhat openshift Container Platform For Arm64
Redhat openshift Container Platform For Ibm Z
Redhat openshift Container Platform For Linuxone
Redhat openshift Container Platform For Power

Sun, 24 Nov 2024 19:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:9.4::appstream
References

Fri, 22 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4
Vendors & Products Redhat rhel Eus

Wed, 13 Nov 2024 08:00:00 +0000

Type Values Removed Values Added
References

Tue, 12 Nov 2024 17:45:00 +0000


Tue, 12 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9

Mon, 11 Nov 2024 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:openshift:4.14::el9
References

Sat, 09 Nov 2024 02:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.14::el8

Thu, 07 Nov 2024 08:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.12::el8
cpe:/a:redhat:openshift:4.12::el9
cpe:/a:redhat:openshift_ironic:4.12::el9
References

Wed, 06 Nov 2024 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.13::el8
cpe:/a:redhat:openshift:4.13::el9
References

Wed, 06 Nov 2024 10:15:00 +0000

Type Values Removed Values Added
References

Thu, 31 Oct 2024 05:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.15::el8
cpe:/a:redhat:openshift:4.15::el9
References

Wed, 30 Oct 2024 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Ironic
CPEs cpe:/a:redhat:openshift:4.16::el8
cpe:/a:redhat:openshift:4.16::el9
cpe:/a:redhat:openshift:4.17::el9
cpe:/a:redhat:openshift_ironic:4.16::el9
Vendors & Products Redhat openshift Ironic
References

Wed, 30 Oct 2024 02:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.17::el8

Wed, 16 Oct 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:7

Wed, 16 Oct 2024 01:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Tue, 15 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
References

Tue, 15 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Oct 2024 15:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
Title Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)
First Time appeared Redhat
Redhat enterprise Linux
Redhat ocp Tools
Redhat openshift
Redhat quay
Weaknesses CWE-22
CPEs cpe:/a:redhat:ocp_tools
cpe:/a:redhat:openshift:4
cpe:/a:redhat:quay:3
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
Redhat ocp Tools
Redhat openshift
Redhat quay
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-10-15T15:27:33.665Z

Updated: 2024-12-17T20:32:00.506Z

Reserved: 2024-10-09T03:02:48.802Z

Link: CVE-2024-9676

cve-icon Vulnrichment

Updated: 2024-10-15T15:46:12.616Z

cve-icon NVD

Status : Modified

Published: 2024-10-15T16:15:06.933

Modified: 2024-11-26T09:15:06.820

Link: CVE-2024-9676

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-10-15T15:00:00Z

Links: CVE-2024-9676 - Bugzilla