CVE-2024-1753

Aliases:GHSA-874v-pj72-92f3GHSA-pmf3-c36m-g5cfGO-2024-2658
Advisory lineage Upstream: 0 Downstream: 36
Deferred
Published: 18 Mar 2024, 14:23
Last modified:04 Mar 2026, 04:16

Vulnerability Summary

Overall Risk (default)
medium
34/100
CVSS Score
8.6 HIGH
v3.1 (cve.org)
EPSS Score
0.08% LOW
0% probability +0.01%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

18 Mar 2024, 14:23
Published
Vulnerability first disclosed
04 Mar 2026, 04:16
Last Modified
Vulnerability information updated

Description

A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.

CVSS Metrics

  • v4.0MEDIUMScore: 6.3CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
  • v3.1HIGHScore: 8.6CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.08% Percentile: 23%

Techniques & Countermeasures

  • CWE-59Improper Link Resolution Before File Access ('Link Following')

    The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Affected Systems

  • github.com/containersbuildah

    ≥ 1.35.0, < 1.35.1 | ≥ 1.34.0, < 1.34.3 | ≥ 1.33.0, < 1.33.7 | ≥ 1.25.0, < 1.27.4 | ≥ 1.24.0, < 1.24.7 | ≥ 1.28.0, < 1.29.3 | ≥ 1.30.0, < 1.31.5 | ≥ 1.32.0, < 1.32.3 | < 1.35.1

  • github.com/containers/podmanv4

    < 4.9.4

  • github.com/containers/podmanv5

    < 5.0.1

References (34)