Closed
Description
Name: ~podman, ~containers-common
CVEs: CVE-2024-11218
CVSSs: 8.6
Action Needed: update to podman >= 5.3.2, containers-common: TBD
Summary: A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
See also https://bugzilla.redhat.com/show_bug.cgi?id=2326231.
refmap.gentoo: TBD
Metadata
Metadata
Assignees
Type
Projects
Status
Implemented