CVE-2024-23652

CRITICAL10.0EPSS 5.7%

BuildKit vulnerable to possible host system access from mount stub cleaner

發布日:2024/1/31修改日:2026/2/4

描述

### Impact A malicious BuildKit frontend or Dockerfile using `RUN --mount` could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. ### Patches The issue has been fixed in v0.12.5 ### Workarounds Avoid using BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing `RUN --mount` feature. ### References

受影響套件(2)

Go/github.com/moby/buildkitfrom 0, < 0.12.5
Go/github.com/moby/buildkitfrom 0, < 0.12.5

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL10.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-23652
PATCHhttps://github.com/moby/buildkit
WEBhttps://github.com/moby/buildkit/pull/4603
WEBhttps://github.com/moby/buildkit/releases/tag/v0.12.5
WEBhttps://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8