CVE-2024-9675

Published: Oct 9, 2024Modified: Aug 25, 2025

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Exploitability: 1.8 / Impact: 2.5

Source: NVD

Description

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

Affected (45)

1 product

13 products

Enterprise Linux For Arm 64

Enterprise Linux For Arm 64 Eus

Enterprise Linux For Ibm Z Systems

Enterprise Linux For Ibm Z Systems Eus

Enterprise Linux For Power Little Endian

Enterprise Linux For Power Little Endian Eus

Enterprise Linux Server Aus

Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

Enterprise Linux Server Tus

Enterprise Linux Update Services For Sap Solutions

Openshift Container Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Buildah Project Buildah	All versions

Configuration B

44 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux	Version 9.0
Redhat Enterprise Linux Eus	Version 8.8
Redhat Enterprise Linux Eus	Version 9.0
Redhat Enterprise Linux Eus	Version 9.2
Redhat Enterprise Linux Eus	Version 9.4
Redhat Enterprise Linux For Arm 64	Version 8.0_aarch64
Redhat Enterprise Linux For Arm 64	Version 9.0_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.8_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 9.0_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 9.2_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 9.4_aarch64
Redhat Enterprise Linux For Ibm Z Systems	Version 8.0_s390x
Redhat Enterprise Linux For Ibm Z Systems	Version 9.0_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.8_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 9.0_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 9.2_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 9.4_s390x
Redhat Enterprise Linux For Power Little Endian	Version 8.0_ppc64le
Redhat Enterprise Linux For Power Little Endian	Version 9.0_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.8_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 9.0_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 9.2_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 9.4_ppc64le
Redhat Enterprise Linux Server Aus	Version 8.6
Redhat Enterprise Linux Server Aus	Version 9.2
Redhat Enterprise Linux Server Aus	Version 9.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 8.6_ppc64le
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 8.8_ppc64le
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 9.0_ppc64le
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 9.2_ppc64le
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 9.4_ppc64le
Redhat Enterprise Linux Server Tus	Version 8.6
Redhat Enterprise Linux Server Tus	Version 8.8
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.6
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.8
Redhat Enterprise Linux Update Services For Sap Solutions	Version 9.0
Redhat Enterprise Linux Update Services For Sap Solutions	Version 9.2
Redhat Enterprise Linux Update Services For Sap Solutions	Version 9.4
Redhat Openshift Container Platform	Version 4.13
Redhat Openshift Container Platform	Version 4.14
Redhat Openshift Container Platform	Version 4.15
Redhat Openshift Container Platform	Version 4.16
Redhat Openshift Container Platform	Version 4.17