CVE-2024-23651

SOURCE - github

Summary

### Impact

Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container.

### Patches

The issue has been fixed in v0.12.5.

### Workarounds

Avoid using BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts with `--mount=type=cache,source=...` options.

### References

https://www.openwall.com/lists/oss-security/2019/05/28/1

Common Weakness Enumeration (CWE)

SOURCE - nist

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

SOURCE - github

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

SOURCE - redhat

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')


nist

CREATED


UPDATED



EXPLOITABILITY SCORE

2.2


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.4 high

github

CREATED


UPDATED



EXPLOITABILITY SCORE

2.2


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

8.7 high

alpine

CREATED


UPDATED



EXPLOITABILITY SCORE

-


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)
-
RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED


UPDATED



EXPLOITABILITY SCORE

2.2


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)
-

CVSS SCORE

7.4 medium

redhat

CREATED


UPDATED



EXPLOITABILITY SCORE

1.1


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.5 high

chainguard

CREATED


UPDATED


SOURCE ID

CVE-2024-23651


EXPLOITABILITY SCORE

-


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)
-
RATING UNAVAILABLE FROM SOURCE

wolfi

CREATED


UPDATED


SOURCE ID

CVE-2024-23651


EXPLOITABILITY SCORE

-


EXPLOITS FOUND
-

COMMON WEAKNESS ENUMERATION (CWE)
-
RATING UNAVAILABLE FROM SOURCE