MidnightBSD

Advisories for buildah_project

CVE-2019-10214 MEDIUM

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,CWE-522,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
buildah_project buildah -
opensuse leap 15.1
libpod_project libpod -
skopeo_project skopeo -
redhat openshift_container_platform 4.1
CVE-2020-10696 HIGH

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
secalert@redhat.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
redhat openshift_container_platform 3.11
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
buildah_project buildah *
CVE-2021-3602 LOW

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-212,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux_for_ibm_z_systems 8.0
buildah_project buildah *
redhat enterprise_linux_for_power_little_endian 8.0
CVE-2022-27651 MEDIUM

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N 1.6 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,CWE-276,

Products Affected

Vendor Product Version
fedoraproject fedora 35
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
buildah_project buildah *
fedoraproject fedora 34
fedoraproject fedora 36
CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat openshift_container_platform 4.0
redhat enterprise_linux 7.0
buildah_project buildah *
redhat enterprise_linux 9.0
CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 9.4
redhat enterprise_linux_eus 8.8
redhat enterprise_linux_for_arm_64_eus 8.8_aarch64
redhat enterprise_linux_for_power_little_endian 8.0_ppc64le
redhat enterprise_linux_for_arm_64_eus 9.4_aarch64
redhat enterprise_linux_server_tus 8.6
redhat enterprise_linux_for_ibm_z_systems_eus 9.0_s390x
redhat enterprise_linux_server_aus 9.2
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.6_ppc64le
redhat enterprise_linux_eus 9.2
redhat enterprise_linux_for_arm_64 8.0_aarch64
redhat enterprise_linux_server_tus 8.8
redhat enterprise_linux_for_power_little_endian_eus 8.8_ppc64le
redhat enterprise_linux_for_power_little_endian_eus 9.2_ppc64le
redhat openshift_container_platform 4.13
redhat enterprise_linux_for_ibm_z_systems_eus 9.4_s390x
redhat openshift_container_platform 4.14
redhat openshift_container_platform 4.15
redhat enterprise_linux 8.0
buildah_project buildah -
redhat enterprise_linux_server_aus 8.6
redhat enterprise_linux_for_power_little_endian 9.0_ppc64le
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 8.8_ppc64le
redhat openshift_container_platform 4.16
redhat enterprise_linux_for_ibm_z_systems 9.0_s390x
redhat enterprise_linux_for_arm_64_eus 9.0_aarch64
redhat enterprise_linux_update_services_for_sap_solutions 8.6
redhat enterprise_linux_eus 9.4
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.0_ppc64le
redhat enterprise_linux_for_arm_64_eus 9.2_aarch64
redhat enterprise_linux_for_power_little_endian_eus 9.0_ppc64le
redhat enterprise_linux_for_arm_64 9.0_aarch64
redhat enterprise_linux_update_services_for_sap_solutions 9.0
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.4_ppc64le
redhat enterprise_linux_eus 9.0
redhat enterprise_linux_for_ibm_z_systems_eus 8.8_s390x
redhat enterprise_linux_update_services_for_sap_solutions 8.8
redhat enterprise_linux_update_services_for_sap_solutions 9.2
redhat openshift_container_platform 4.17
redhat enterprise_linux_for_ibm_z_systems 8.0_s390x
redhat enterprise_linux 9.0
redhat enterprise_linux_for_power_little_endian_eus 9.4_ppc64le
redhat enterprise_linux_update_services_for_sap_solutions 9.4
redhat enterprise_linux_for_ibm_z_systems_eus 9.2_s390x
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.2_ppc64le