{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9676", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-10-09T03:02:48.802Z", "datePublished": "2024-10-15T15:27:33.665Z", "dateUpdated": "2025-09-25T07:53:20.692Z"}, "containers": {"cna": {"title": "Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "1.55.1", "versionType": "semver"}], "packageName": "containers/storage", "collectionURL": "https://github.com/containers/storage/", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "container-tools:rhel8", "defaultStatus": "affected", "versions": [{"version": "8100020241101101019.afee755d", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "podman", "defaultStatus": "affected", "versions": [{"version": "4:4.9.4-16.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "podman", "defaultStatus": "affected", "versions": [{"version": "4:5.2.2-9.el9_5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "buildah", "defaultStatus": "affected", "versions": [{"version": "2:1.37.5-1.el9_5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "buildah", "defaultStatus": "affected", "versions": [{"version": "2:1.33.11-1.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.25.5-30.rhaos4.12.git53dc492.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.12::el9", "cpe:/a:redhat:openshift_ironic:4.12::el9", "cpe:/a:redhat:openshift:4.12::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.13", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.26.5-26.rhaos4.13.giteb3d487.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.13::el8", "cpe:/a:redhat:openshift:4.13::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.27.8-12.rhaos4.14.git7597c43.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift4/ose-docker-builder", "defaultStatus": "affected", "versions": [{"version": "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.28.11-5.rhaos4.15.git35a2431.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift4/ose-docker-builder", "defaultStatus": "affected", "versions": [{"version": "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.29.9-6.rhaos4.16.gite7bd45a.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el9", "cpe:/a:redhat:openshift_ironic:4.16::el9", "cpe:/a:redhat:openshift:4.16::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "podman", "defaultStatus": "affected", "versions": [{"version": "4:4.9.4-12.rhaos4.16.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el9", "cpe:/a:redhat:openshift:4.16::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift4/ose-docker-builder-rhel9", "defaultStatus": "affected", "versions": [{"version": "v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "cri-o", "defaultStatus": "affected", "versions": [{"version": "0:1.30.6-6.rhaos4.17.git6ac6e96.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.17::el8", "cpe:/a:redhat:openshift:4.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "podman", "defaultStatus": "affected", "versions": [{"version": "5:5.2.2-1.rhaos4.17.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.17::el8", "cpe:/a:redhat:openshift:4.17::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift4/ose-docker-builder-rhel9", "defaultStatus": "affected", "versions": [{"version": "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift:4.17::el9"]}, {"vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "jenkins-agent-base-rhel9-container", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:ocp_tools"]}, {"vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "ocp-tools-4/jenkins-agent-base-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:ocp_tools"]}, {"vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "ocp-tools-4/jenkins-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:ocp_tools"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "buildah", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "podman", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "skopeo", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "conmon", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "skopeo", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "buildah", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:openshift:4"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "conmon", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:openshift:4"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "skopeo", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:openshift:4"]}, {"vendor": "Red Hat", "product": "Red Hat Quay 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "quay/quay-builder-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:quay:3"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:10289", "name": "RHSA-2024:10289", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8418", "name": "RHSA-2024:8418", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8428", "name": "RHSA-2024:8428", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8437", "name": "RHSA-2024:8437", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8686", "name": "RHSA-2024:8686", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8690", "name": "RHSA-2024:8690", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8694", "name": "RHSA-2024:8694", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8700", "name": "RHSA-2024:8700", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8984", "name": "RHSA-2024:8984", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9051", "name": "RHSA-2024:9051", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9454", "name": "RHSA-2024:9454", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9459", "name": "RHSA-2024:9459", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9926", "name": "RHSA-2024:9926", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:0876", "name": "RHSA-2025:0876", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:2454", "name": "RHSA-2025:2454", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:2710", "name": "RHSA-2025:2710", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:3301", "name": "RHSA-2025:3301", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-9676", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317467", "name": "RHBZ#2317467", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/advisories/GHSA-wq2p-5pc6-wpgf"}], "datePublic": "2024-10-15T15:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2024-10-09T02:59:07.708000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-10-15T15:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-09-25T07:53:20.692Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T15:45:48.644647Z", "id": "CVE-2024-9676", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T15:46:17.963Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9676", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-15T15:45:48.644647Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T15:46:12.616Z"}}], "cna": {"title": "Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)", "credits": [{"lang": "en", "value": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "1.55.1", "versionType": "semver"}], "packageName": "containers/storage", "collectionURL": "https://github.com/containers/storage/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "8100020241101101019.afee755d", "lessThan": "*", "versionType": "rpm"}], "packageName": "container-tools:rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "4:4.9.4-16.el9_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "4:5.2.2-9.el9_5", "lessThan": "*", "versionType": "rpm"}], "packageName": "podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "2:1.37.5-1.el9_5", "lessThan": "*", "versionType": "rpm"}], "packageName": "buildah", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "2:1.33.11-1.el9_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "buildah", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.12::el9", "cpe:/a:redhat:openshift_ironic:4.12::el9", "cpe:/a:redhat:openshift:4.12::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.12", "versions": [{"status": "unaffected", "version": "0:1.25.5-30.rhaos4.12.git53dc492.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.13::el8", "cpe:/a:redhat:openshift:4.13::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.13", "versions": [{"status": "unaffected", "version": "0:1.26.5-26.rhaos4.13.giteb3d487.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "versions": [{"status": "unaffected", "version": "0:1.27.8-12.rhaos4.14.git7597c43.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.14", "versions": [{"status": "unaffected", "version": "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "openshift4/ose-docker-builder", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "versions": [{"status": "unaffected", "version": "0:1.28.11-5.rhaos4.15.git35a2431.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.15", "versions": [{"status": "unaffected", "version": "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "openshift4/ose-docker-builder", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el9", "cpe:/a:redhat:openshift_ironic:4.16::el9", "cpe:/a:redhat:openshift:4.16::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "0:1.29.9-6.rhaos4.16.gite7bd45a.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el9", "cpe:/a:redhat:openshift:4.16::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "4:4.9.4-12.rhaos4.16.el8", "lessThan": "*", "versionType": "rpm"}], "packageName": "podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.16::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.16", "versions": [{"status": "unaffected", "version": "v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "openshift4/ose-docker-builder-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.17::el8", "cpe:/a:redhat:openshift:4.17::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "versions": [{"status": "unaffected", "version": "0:1.30.6-6.rhaos4.17.git6ac6e96.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "cri-o", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.17::el8", "cpe:/a:redhat:openshift:4.17::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "versions": [{"status": "unaffected", "version": "5:5.2.2-1.rhaos4.17.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4.17::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4.17", "versions": [{"status": "unaffected", "version": "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "openshift4/ose-docker-builder-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ocp_tools"], "vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "packageName": "jenkins-agent-base-rhel9-container", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ocp_tools"], "vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "packageName": "ocp-tools-4/jenkins-agent-base-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:ocp_tools"], "vendor": "Red Hat", "product": "OpenShift Developer Tools and Services", "packageName": "ocp-tools-4/jenkins-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "buildah", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "podman", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "skopeo", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "conmon", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "skopeo", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "buildah", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "conmon", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "skopeo", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:quay:3"], "vendor": "Red Hat", "product": "Red Hat Quay 3", "packageName": "quay/quay-builder-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2024-10-09T02:59:07.708000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-10-15T15:00:00+00:00", "value": "Made public."}], "datePublic": "2024-10-15T15:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:10289", "name": "RHSA-2024:10289", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8418", "name": "RHSA-2024:8418", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8428", "name": "RHSA-2024:8428", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8437", "name": "RHSA-2024:8437", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8686", "name": "RHSA-2024:8686", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8690", "name": "RHSA-2024:8690", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8694", "name": "RHSA-2024:8694", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8700", "name": "RHSA-2024:8700", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:8984", "name": "RHSA-2024:8984", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9051", "name": "RHSA-2024:9051", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9454", "name": "RHSA-2024:9454", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9459", "name": "RHSA-2024:9459", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:9926", "name": "RHSA-2024:9926", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:0876", "name": "RHSA-2025:0876", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:2454", "name": "RHSA-2025:2454", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:2710", "name": "RHSA-2025:2710", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:3301", "name": "RHSA-2025:3301", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-9676", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317467", "name": "RHBZ#2317467", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/advisories/GHSA-wq2p-5pc6-wpgf"}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-09-25T07:53:20.692Z"}, "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}}, "cveMetadata": {"cveId": "CVE-2024-9676", "state": "PUBLISHED", "dateUpdated": "2025-09-25T07:53:20.692Z", "dateReserved": "2024-10-09T03:02:48.802Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-10-15T15:27:33.665Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "4716808D-67EB-4E14-9910-B248A500FAFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "0EBB38E1-4161-402D-8A37-74D92891AAC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "F4B66318-326A-43E4-AF14-015768296E4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "E52D8667-D64B-4E4D-972F-089A2D834C34", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "226AD7DB-D8CB-45A3-97AE-3FE79774133E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "1B361729-2847-4FE1-9503-BF9FA81307C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "FA5959A2-F48B-449B-89AD-ECDE9E5418E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "D3056B67-E5C4-40A0-86BF-1D9E6637B13F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "352D5845-975E-4B7F-A44D-4F99D43450BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "08B9C7A4-4D65-4771-B92D-914C9C9A6C4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "99ADC66F-3B19-4767-B876-67BA1C8D195B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "E4F24706-3DF4-49D0-870D-39D4FC02CF4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "F1C47559-7265-4185-84B5-D8D2B177E08A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "1E5E9340-DD85-4B10-9A1D-9021C95229A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "BDD2E6ED-9BDE-404B-AD0D-F78D69B13B34", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "065C13FF-588E-42F5-B3C9-3302082E6524", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "C1E0DF9A-C358-48A0-911F-0A17E1982E4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "ABEED453-F241-4841-A5AE-8BFFA587119F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "2127E592-F973-4244-9793-680736EC5313", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "8FF27781-22D9-4283-959D-951C76429EF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "F68F84F5-7671-4778-AE48-5CF243B62D88", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "33D2A2D4-A006-422D-AA0C-8E764FB104C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "0EC48A26-5827-4EC0-BE90-EA25F0A9B56C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*", "matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*", "matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*", "matchCriteriaId": "3C30F155-DF7D-4195-92D9-A5B80407228D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Podman, Buildah y CRI-O. Una vulnerabilidad de cruce de enlaces simb\u00f3licos en la librer\u00eda de contenedores/almacenamiento puede hacer que Podman, Buildah y CRI-O se bloqueen y generen una denegaci\u00f3n de servicio mediante la eliminaci\u00f3n de OOM al ejecutar una imagen maliciosa utilizando un espacio de nombres de usuario asignado autom\u00e1ticamente (`--userns=auto` en Podman y Buildah). La librer\u00eda de contenedores/almacenamiento leer\u00e1 /etc/passwd dentro del contenedor, pero no validar\u00e1 correctamente si ese archivo es un enlace simb\u00f3lico, lo que se puede utilizar para hacer que la librer\u00eda lea un archivo arbitrario en el host."}], "id": "CVE-2024-9676", "lastModified": "2025-04-03T02:15:19.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-15T16:15:06.933", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:10289"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8418"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8428"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8437"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8686"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8690"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8694"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8700"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:8984"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:9051"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:9454"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:9459"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2024:9926"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:0876"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:2454"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:2710"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:3301"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2024-9676"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317467"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/advisories/GHSA-wq2p-5pc6-wpgf"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2024:10289", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:rhel8-8100020241101101019.afee755d", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-11-26T00:00:00Z"}, {"advisory": "RHSA-2024:9051", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "podman-4:4.9.4-16.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-11T00:00:00Z"}, {"advisory": "RHSA-2024:9454", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "podman-4:5.2.2-9.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9459", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "buildah-2:1.37.5-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9926", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "buildah-2:1.33.11-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2024-11-19T00:00:00Z"}, {"advisory": "RHSA-2024:8694", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "cri-o-0:1.25.5-30.rhaos4.12.git53dc492.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-11-07T00:00:00Z"}, {"advisory": "RHSA-2024:8690", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "cri-o-0:1.26.5-26.rhaos4.13.giteb3d487.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8700", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "cri-o-0:1.27.8-12.rhaos4.14.git7597c43.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-11-08T00:00:00Z"}, {"advisory": "RHSA-2025:2710", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-docker-builder:v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-03-19T00:00:00Z"}, {"advisory": "RHSA-2024:8428", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "cri-o-0:1.28.11-5.rhaos4.15.git35a2431.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-10-31T00:00:00Z"}, {"advisory": "RHSA-2025:2454", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-docker-builder:v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2025-03-13T00:00:00Z"}, {"advisory": "RHSA-2024:8418", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "cri-o-0:1.29.9-6.rhaos4.16.gite7bd45a.el8", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8686", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "podman-4:4.9.4-12.rhaos4.16.el8", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2025:3301", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-docker-builder-rhel9:v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2025-04-03T00:00:00Z"}, {"advisory": "RHSA-2024:8437", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "cri-o-0:1.30.6-6.rhaos4.17.git6ac6e96.el8", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8984", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "podman-5:5.2.2-1.rhaos4.17.el8", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-11-13T00:00:00Z"}, {"advisory": "RHSA-2025:0876", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-docker-builder-rhel9:v4.17.0-202501281204.p0.ga753153.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-02-05T00:00:00Z"}], "bugzilla": {"description": "Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)", "id": "2317467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317467"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-22", "details": ["A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.", "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-9676", "package_state": [{"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "jenkins-agent-base-rhel9-container", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "ocp-tools-4/jenkins-agent-base-rhel8", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Fix deferred", "package_name": "ocp-tools-4/jenkins-rhel8", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "buildah", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "conmon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "buildah", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "conmon", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "skopeo", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-builder-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2024-10-15T15:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-9676\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-9676\nhttps://github.com/advisories/GHSA-wq2p-5pc6-wpgf"], "threat_severity": "Moderate"}