VulnerableCode Package Details - pkg:rpm/redhat/buildah@1:1.31.3-1?arch=el9

Search for packages

Vulnerability	Summary	Fixed by
VCID-3brf-dmwm-qkgj Aliases: CVE-2023-25173 GHSA-hmfx-3pcx-653p	Supplementary groups are not set up properly in github.com/containerd/containerd ### Impact A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. ### Patches This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. ### Workarounds Ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. ### References - https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ - Docker/Moby: CVE-2022-36109, fixed in Docker 20.10.18 - CRI-O: CVE-2022-2995, fixed in CRI-O 1.25.0 - Podman: CVE-2022-2989, fixed in Podman 3.0.1 and 4.2.0 - Buildah: CVE-2022-2990, fixed in Buildah 1.27.1 Note that CVE IDs apply to a particular implementation, even if an issue is common. ### For more information If you have any questions or comments about this advisory: * Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose) * Email us at [security@containerd.io](mailto:security@containerd.io) To report a security issue in containerd: * [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new) * Email us at [security@containerd.io](mailto:security@containerd.io)	There are no reported fixed by versions.
VCID-4ufj-v5z1-huec Aliases: CVE-2023-24534	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-a473-9skg-tkbn Aliases: CVE-2023-24540	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.	There are no reported fixed by versions.
VCID-b9yc-jqye-afan Aliases: CVE-2023-24536	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-e44x-a9xm-6ke9 Aliases: CVE-2022-41724	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-evjj-hwvm-fbca Aliases: CVE-2023-24538	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-jbd8-1tkr-4bb2 Aliases: CVE-2023-29400	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.	There are no reported fixed by versions.
VCID-rh89-8td9-tudk Aliases: CVE-2023-29406	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-sdd3-35ng-g7a3 Aliases: CVE-2022-41723 GHSA-vvpx-j8f3-3w6h	golang.org/x/net vulnerable to Uncontrolled Resource Consumption A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.	There are no reported fixed by versions.
VCID-uvxd-979q-ybdy Aliases: CVE-2023-24539	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.	There are no reported fixed by versions.
VCID-zg2y-sb18-p3ah Aliases: CVE-2022-41725	Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-3brf-dmwm-qkgj
Aliases:
CVE-2023-25173
GHSA-hmfx-3pcx-653p

Supplementary groups are not set up properly in github.com/containerd/containerd ### Impact A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well. ### Patches This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. ### Workarounds Ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups. ### References - https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ - Docker/Moby: CVE-2022-36109, fixed in Docker 20.10.18 - CRI-O: CVE-2022-2995, fixed in CRI-O 1.25.0 - Podman: CVE-2022-2989, fixed in Podman 3.0.1 and 4.2.0 - Buildah: CVE-2022-2990, fixed in Buildah 1.27.1 Note that CVE IDs apply to a particular implementation, even if an issue is common. ### For more information If you have any questions or comments about this advisory: * Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose) * Email us at [security@containerd.io](mailto:security@containerd.io) To report a security issue in containerd: * [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new) * Email us at [security@containerd.io](mailto:security@containerd.io)