#VU86037 Path traversal in BuildKit - CVE-2024-23652


Vulnerability identifier: #VU86037

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-23652

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BuildKit
Universal components / Libraries / Software for developers

Vendor: Moby project

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within BuildKit frontend or Dockerfile using RUN --mount. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

BuildKit: 0.3.0 - 0.12.4

External links
https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8
https://github.com/moby/buildkit/pull/4603
https://github.com/moby/buildkit/releases/tag/v0.12.5

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Anolis OS update for buildkit
Multiple vulnerabilities in Dell PowerStore T Family
Multiple vulnerabilities in Dell PowerStore X
Gentoo update for Docker
Multiple vulnerabilities in IBM watsonx.data
SUSE update for buildah, docker
Multiple vulnerabilities in IBM Concert
Multiple vulnerabilities in IBM Concert Software
SUSE update for docker
SUSE update for docker