Buildah allows build breakout using malicious Containerfiles and concurrent builds

Description

Impact

With careful use of the --mount flag in RUN instructions in Containerfiles, and by using either multi-stage builds with use of concurrently-executing build stages (e.g., using the --jobs CLI flag) or multiple separate but concurrently-executing builds, a malicious Containerfile can be used to expose content from the build host to the command being run using the RUN instruction. This can be used to read or write contents using the privileges of the process which is performing the build. When that process is a root-owned podman system service which is provided for use by unprivileged users, this includes the ability to read and write contents which the client should not be allowed to read and write, including setuid executables in locations where they can be later accessed by unprivileged users.

Patches

Patches have been merged to the main branch, and will be added to upcoming releases on the release-1.38, release-1.37, release-1.35, and release-1.33 branches.

This addressed a number of Jira cards, but primarily https://issues.redhat.com/browse/RHEL-67616 and https://issues.redhat.com/browse/RHEL-67618, which were then vendored into Podman and backported into olde rbranches.

Workarounds

Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.

Basic information

Type
reviewed
Severity
high
Advisory on GitHub
Open advisory ↗
Repository advisory
Open repository advisory ↗
Source code
Browse source ↗
Published (advisory)
2025-01-21 21:22:49 UTC
Updated
2025-10-02 15:37:14 UTC
GitHub reviewed
2025-01-21 21:22:49 UTC
NVD published
2025-01-22

EPSS Score

Score Percentile
0.17% 37.81%

CVSS Scores

Base score Version Severity Vector
8.6 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R)
A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:C)
Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.

Identifiers

CWEs

CWE id Name
CWE-269 Improper Privilege Management

Credits

  • eriksjolund (reporter)

Affected packages (4)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
go github.com/containers/buildah >= 1.38.0, < 1.38.1 1.38.1
go github.com/containers/buildah >= 1.37.0, < 1.37.6 1.37.6
go github.com/containers/buildah >= 1.35.0, < 1.35.5 1.35.5
go github.com/containers/buildah < 1.33.12 1.33.12

References

cvelogic Threat Intelligence