podman-4.9.4-16.el9_4
Errata ID: AXSA:2024-8979:10
Release date:
2024/11/12 Tuesday - 10:39
Title:
podman-4.9.4-16.el9_4
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- The bind-propagation option of the Dockerfile RUN --mount instruction in podman and buildah does not properly validate its input, so arbitrary parameters can be passed through to the mount. A local attacker can use a crafted Dockerfile to bypass SELinux protection, mount unauthorized directories, and tamper with files inside those directories. (CVE-2024-9407)
- Buildah's cache mount feature does not properly validate that a user-specified path lies within the cache directory, so a local attacker can use a RUN instruction in a Dockerfile to mount an arbitrary directory from the host. (CVE-2024-9675)
- The containers/storage Go library used by Podman, Buildah, and CRI-O allows a symlink traversal attack, so a remote attacker can, by having a container image crafted to use an automatically assigned user namespace run, read arbitrary files and cause a denial of service (memory exhaustion). (CVE-2024-9676)
Solution:
Update the packages.
CVE:
CVE-2024-9407
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.
CVE-2024-9675
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
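The two Buildah/containers-storage issues above, CVE-2024-9675 (a cache-mount path not confined to the cache directory) and CVE-2024-9676 (a /etc/passwd inside the image followed as a symlink), are both instances of a missing path-containment check. The Go program below is an added illustration written for this page, not code from Buildah, Podman or containers/storage, and its function names are this example's own: ResolveWithin rejects a user-supplied path that lexically escapes a base directory, and ReadRegularFile additionally refuses to follow any symlink between the root and the file. The rootfs contents built in main are constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var (
	ErrOutsideBase = errors.New("path escapes the base directory")
	ErrSymlink     = errors.New("path component is a symbolic link")
	ErrNotRegular  = errors.New("path is not a regular file")
)

// ResolveWithin joins userPath onto base and rejects any result that does not
// stay inside base after cleaning. An absolute userPath is re-rooted under base
// ("/etc" becomes base/etc) instead of being allowed to escape. The check is
// purely lexical: it never follows symlinks.
func ResolveWithin(base, userPath string) (string, error) {
	absBase, err := filepath.Abs(base)
	if err != nil {
		return "", err
	}
	joined := filepath.Join(absBase, userPath) // Join cleans "..", "." and "//"
	rel, err := filepath.Rel(absBase, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q resolves to %s", ErrOutsideBase, userPath, joined)
	}
	return joined, nil
}

// ReadRegularFile reads rel beneath root, refusing if any path component between
// root and the file is a symlink, or if the final target is not a regular file.
// Every component is inspected with Lstat so a symlinked directory is caught too.
func ReadRegularFile(root, rel string) ([]byte, error) {
	full, err := ResolveWithin(root, rel)
	if err != nil {
		return nil, err
	}
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return nil, err
	}
	inner, err := filepath.Rel(absRoot, full)
	if err != nil {
		return nil, err
	}
	cur := absRoot
	for _, part := range strings.Split(inner, string(filepath.Separator)) {
		if part == "" || part == "." {
			continue
		}
		cur = filepath.Join(cur, part)
		fi, err := os.Lstat(cur)
		if err != nil {
			return nil, err
		}
		if fi.Mode()&os.ModeSymlink != 0 {
			return nil, fmt.Errorf("%w: %s", ErrSymlink, cur)
		}
	}
	fi, err := os.Lstat(full)
	if err != nil {
		return nil, err
	}
	if !fi.Mode().IsRegular() {
		return nil, fmt.Errorf("%w: %s", ErrNotRegular, full)
	}
	return os.ReadFile(full)
}

func main() {
	// Constructed sample rootfs (hypothetical): a genuine passwd file and a
	// symlink that points outside the root, as a malicious image might ship.
	root, err := os.MkdirTemp("", "rootfs-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	_ = os.WriteFile(filepath.Join(root, "passwd"), []byte("root:x:0:0:root:/root:/bin/bash\n"), 0o644)
	_ = os.Symlink("/etc/passwd", filepath.Join(root, "passwd-link"))

	for _, p := range []string{"passwd", "passwd-link", "../../../etc/passwd"} {
		data, err := ReadRegularFile(root, p)
		fmt.Printf("%-22s -> ", p)
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Printf("read %d bytes\n", len(data))
	}
}
```

A lexical check alone would have covered the cache-mount case but not the symlinked /etc/passwd, which is why the second function walks the path with Lstat. Even that leaves a time-of-check/time-of-use window between the Lstat and the read; code that opens files inside untrusted container roots should prefer openat2(2) with RESOLVE_IN_ROOT (Linux 5.6 and later) or a library such as github.com/cyphar/filepath-securejoin.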
Additional information:
N/A
Download:
SRPMS
- podman-4.9.4-16.el9_4.src.rpm
MD5: 311ee6790485c1e5e1913f46592c16f5
SHA-256: 2520893d5db3577ca3be8fb483a58cbaa2f2d9fea4a6458bf61a253a89ac35f1
Size: 22.76 MB
Asianux Server 9 for x86_64
- podman-4.9.4-16.el9_4.x86_64.rpm
MD5: 57f89903c0ab3f649b456e9f9831d298
SHA-256: 2d1574b4a30b665308875c090159e0cacb62865ce5f15944f61074acf5c6be33
Size: 15.56 MB
- podman-docker-4.9.4-16.el9_4.noarch.rpm
MD5: e13a05eaec173f083147296b7321e672
SHA-256: 6a6b10781c563b46fb806c5e4daf9156aebd6e3c605d3a915995bfec8571a7e8
Size: 106.39 kB
- podman-plugins-4.9.4-16.el9_4.x86_64.rpm
MD5: 548db912bbaafafe1be543153c5b6d78
SHA-256: 6fc014623329d409ece22c808183f5fbe021e3b488510da97f6357819126ff0d
Size: 1.28 MB
- podman-remote-4.9.4-16.el9_4.x86_64.rpm
MD5: cf22de916a23df629d2bd88a883a6dbe
SHA-256: d21d589231577bcc288b90d2afaeca97fde1f9baa56aef2a7259198e3c978c44
Size: 10.25 MB
- podman-tests-4.9.4-16.el9_4.x86_64.rpm
MD5: 9534c1cbab03a6fd0306874d06c749ed
SHA-256: e7e54d4ec26725e2a97efb8a1ba90ab5a36b73dbff296f4acb19cb08317887f0
Size: 211.12 kB