- Description
- A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
- secalert@redhat.com
- CWE-269
- Hype score
- Not currently trending
Threat Alert: Podman and Buildah Vulnerable to Container Breakout - CVE-2024-11218 CVE-2024-11218 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/aGYBhYcUmL #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
28 Jan 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Podman and Buildah Vulnerable to Container Breakout – CVE-2024-11218 https://t.co/FNQM5fa1so
@Dinosn
27 Jan 2025
1934 Impressions
7 Retweets
9 Likes
4 Bookmarks
0 Replies
0 Quotes
CVE-2024-11218 (CVSS:8.6, HIGH) is Awaiting Analysis. A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 a..https://t.co/301OX9KNVF #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
27 Jan 2025
18 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Podman及びBuildahにコンテナブレイクアウトの脆弱性。CVE-2024-11218はCVSSスコア8.6で、競合状態に起因。悪性コンテナファイルを-jobs=2でビルドした際に発現し、RUN命令中の-mountからホストのコンテンツにアクセス可能。 https://t.co/xlBuT3Hca2
@__kokumoto
27 Jan 2025
1485 Impressions
4 Retweets
8 Likes
4 Bookmarks
0 Replies
1 Quote