CVE-2024-11218
Published: 22 January 2025
Description
A vulnerability was found in `podman build` and `buildah`. This issue allows a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
Security Summary
CVE-2024-11218 is a vulnerability affecting the `podman build` and `buildah` commands. It enables a container breakout through a race condition triggered by specifying the --jobs=2 option when building a malicious Containerfile. SELinux may provide partial mitigation, but the flaw still permits enumeration of files and directories on the host even when SELinux is enabled. Published on 2025-01-22, the vulnerability carries a CVSS v3.1 base score of 8.6 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H) and maps to CWE-269.
A local attacker with no privileges can exploit this issue by tricking a user into running `podman build` or `buildah` with the --jobs=2 flag on a crafted Containerfile; user interaction is therefore required. Successful exploitation leads to a container breakout with high impact on confidentiality, integrity, and availability, including the ability to enumerate host files and directories even when SELinux is enforcing.
Red Hat has issued patches via multiple errata addressing this vulnerability, including RHSA-2025:0830, RHSA-2025:0878, RHSA-2025:0922, RHSA-2025:0923, and RHSA-2025:1186. Security practitioners should review and apply these updates to affected systems running vulnerable versions of podman or buildah.
Details
- CWE(s): CWE-269 (Improper Privilege Management)