Description
Security update for buildah
This update for buildah fixes the following issues:
- CVE-2024-9675: Fixed arbitrary cache directory mount (bsc#1231499)
Package list
SUSE Linux Enterprise Module for Containers 15 SP5
buildah-1.35.4-150500.3.16.1
SUSE Linux Enterprise Module for Containers 15 SP6
buildah-1.35.4-150500.3.16.1
openSUSE Leap 15.5
buildah-1.35.4-150500.3.16.1
openSUSE Leap 15.6
buildah-1.35.4-150500.3.16.1
References
- Link for SUSE-SU-2024:3728-1
- E-Mail link for SUSE-SU-2024:3728-1
- SUSE Security Ratings
- SUSE Bug 1231499
- SUSE CVE CVE-2024-9675 page
Description
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
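The missing check described above amounts to confirming that a user-specified cache path still resolves inside the cache root, both lexically and after symlinks are followed. The Go sketch below is an added example, not Buildah's code or its actual fix; `ResolveCacheDir`, `within` and `ErrOutsideCache` are hypothetical names, and the path in `main` is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideCache reports a cache path that would land outside the cache root.
var ErrOutsideCache = errors.New("cache path escapes cache root")

// within reports whether p is root itself or lies beneath it (lexical check).
func within(root, p string) bool {
	rel, err := filepath.Rel(root, p)
	return err == nil && rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// ResolveCacheDir is a hypothetical helper, not Buildah's API. It maps a
// user-specified cache path to a directory under cacheRoot or returns an error.
func ResolveCacheDir(cacheRoot, userPath string) (string, error) {
	root, err := filepath.EvalSymlinks(cacheRoot)
	if err != nil {
		return "", err
	}
	candidate := filepath.Join(root, userPath) // Join also collapses ".." segments
	if !within(root, candidate) {
		return "", ErrOutsideCache
	}
	// Walk up to the deepest component that already exists, then resolve symlinks.
	existing := candidate
	for _, err = os.Lstat(existing); errors.Is(err, os.ErrNotExist); _, err = os.Lstat(existing) {
		existing = filepath.Dir(existing)
	}
	if err == nil {
		existing, err = filepath.EvalSymlinks(existing)
	}
	if err != nil {
		return "", err
	}
	if !within(root, existing) {
		return "", ErrOutsideCache
	}
	return candidate, nil
}

func main() {
	fmt.Println(ResolveCacheDir(os.TempDir(), "../../etc")) // constructed input, rejected
}
```

The check is not race-free: a directory swapped for a symlink between validation and the mount would still need to be handled at mount time.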
Affected products
SUSE Linux Enterprise Module for Containers 15 SP5:buildah-1.35.4-150500.3.16.1
SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.4-150500.3.16.1
openSUSE Leap 15.5:buildah-1.35.4-150500.3.16.1
openSUSE Leap 15.6:buildah-1.35.4-150500.3.16.1
References
- CVE-2024-9675
- SUSE Bug 1231499