CVE-2024-11218

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-11218

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-11218.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-11218

Aliases

Downstream

BELL-CVE-2024-11218

DEBIAN-CVE-2024-11218

OESA-2025-2297

RHSA-2025:0830

RHSA-2025:0878

RHSA-2025:0922

RHSA-2025:0923

RHSA-2025:1186

RHSA-2025:1187

RHSA-2025:1188

RHSA-2025:1189

RHSA-2025:1207

RHSA-2025:1275

RHSA-2025:1295

RHSA-2025:1296

RHSA-2025:1372

RHSA-2025:1453

RHSA-2025:1713

RHSA-2025:1908

RHSA-2025:1910

RHSA-2025:1914

RHSA-2025:2443

RHSA-2025:2456

RHSA-2025:2703

RHSA-2025:2712

RLSA-2025:0922

RLSA-2025:0923

RLSA-2025:1372

SUSE-SU-2025:0267-1

SUSE-SU-2025:0297-1

SUSE-SU-2025:0301-1

SUSE-SU-2025:0319-1

SUSE-SU-2025:0320-1

SUSE-SU-2025:0382-1

SUSE-SU-2025:0775-1

SUSE-SU-2025:20143-1

SUSE-SU-2025:20279-1

UBUNTU-CVE-2024-11218

openSUSE-SU-2025:14689-1

openSUSE-SU-2025:14710-1

Related

Published

2025-01-22T05:15:08.903Z

Modified

2026-03-11T07:47:58.034681816Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-11218.json"