CVE-2024-11218

Опубликовано: 22 янв. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 8.6

Описание

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

Релиз	Статус	Примечание
devel	needs-triage
esm-infra/focal	DNE
focal	DNE
jammy	DNE
noble	DNE
oracular	DNE
plucky	needs-triage
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 4%

0.00022

Низкий

8.6 High

CVSS3

Связанные уязвимости

CVE-2024-11218

CVSS3: 8.6

redhat

5 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

CVE-2024-11218

CVSS3: 8.6

nvd

5 месяцев назад

CVE-2024-11218

CVSS3: 8.6

debian

5 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue ...

SUSE-SU-2025:0382-1

suse-cvrf

4 месяца назад

Security update for podman

SUSE-SU-2025:0301-1

suse-cvrf

5 месяцев назад

Security update for buildah

EPSS

Процентиль: 4%

0.00022

Низкий

8.6 High

CVSS3

CVE-2024-11218

Описание

Пакет podman

Ссылки на источники

Связанные уязвимости