CVE-2024-9676

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:10289
https://access.redhat.com/errata/RHSA-2024:8418	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8428	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8437	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8686	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8690	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8694	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8700	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8984	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9051	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9454	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9459	Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9926	Vendor Advisory
https://access.redhat.com/errata/RHSA-2025:0876
https://access.redhat.com/errata/RHSA-2025:2454
https://access.redhat.com/errata/RHSA-2025:2710
https://access.redhat.com/errata/RHSA-2025:3301
https://access.redhat.com/security/cve/CVE-2024-9676	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2317467	Issue Tracking
https://github.com/advisories/GHSA-wq2p-5pc6-wpgf	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:openshift_container_platform:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.13:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.14:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.15:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.16:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.17:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.13:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.14:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.15:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.13:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.14:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.15:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.13:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.14:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.15:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.13:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.14:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.15:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:::::::*

History

03 Apr 2025, 02:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:3301 -

20 Mar 2025, 00:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:2710 -

13 Mar 2025, 22:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:2454 -

07 Feb 2025, 05:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:0876 -

Information

Published : 2024-10-15 16:15

Updated : 2025-04-03 02:15

NVD link : CVE-2024-9676

Mitre link : CVE-2024-9676

CVE.ORG link : CVE-2024-9676

JSON object : View

Products Affected

redhat

openshift_container_platform_for_linuxone
openshift_container_platform_for_arm64
enterprise_linux_server_aus
enterprise_linux_for_arm_64
openshift_container_platform_for_ibm_z
enterprise_linux_for_arm_64_eus
enterprise_linux_for_power_little_endian
enterprise_linux_eus
enterprise_linux
enterprise_linux_for_power_little_endian_eus
enterprise_linux_for_ibm_z_systems
openshift_container_platform_for_power
enterprise_linux_for_ibm_z_systems_eus
openshift_container_platform
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

6.5 /10