ГлавнаяУязвимости → CVE-2024-9675
7.8высокая

CVE-2024-9675

→ есть в БДУ: BDU:2024-09320 (на русском)
Описание (на английском; русское — в БДУ выше)

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

Затрагиваемое ПО
Buildah project BuildahRedhat Openshift container platformRedhat Enterprise linuxRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian eusRedhat Enterprise linux server ausRedhat Enterprise linux server for power little endian update services for sap solutionsRedhat Enterprise linux server tusRedhat Enterprise linux update services for sap solutions
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2024:8563https://access.redhat.com/errata/RHSA-2024:8675https://access.redhat.com/errata/RHSA-2024:8679https://access.redhat.com/errata/RHSA-2024:8686https://access.redhat.com/errata/RHSA-2024:8690https://access.redhat.com/errata/RHSA-2024:8700https://access.redhat.com/errata/RHSA-2024:8703https://access.redhat.com/errata/RHSA-2024:8707