CVE-2024-1753

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-1753

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-1753.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-1753

Aliases

Downstream

BELL-CVE-2024-1753

DEBIAN-CVE-2024-1753

OESA-2025-1059

RHSA-2024:2049

RHSA-2024:2055

RHSA-2024:2064

RHSA-2024:2066

RHSA-2024:2077

RHSA-2024:2084

RHSA-2024:2089

RHSA-2024:2090

RHSA-2024:2097

RHSA-2024:2098

RHSA-2024:2548

RHSA-2024:2645

RHSA-2024:2669

RHSA-2024:2672

RHSA-2024:2784

RHSA-2024:2877

RHSA-2024:3254

SUSE-SU-2024:1058-1

SUSE-SU-2024:1059-1

SUSE-SU-2024:1142-1

SUSE-SU-2024:1143-1

SUSE-SU-2024:1144-1

SUSE-SU-2024:1145-1

SUSE-SU-2024:1146-1

SUSE-SU-2024:3120-1

SUSE-SU-2024:3151-1

SUSE-SU-2024:3186-1

SUSE-SU-2025:0267-1

SUSE-SU-2025:0775-1

UBUNTU-CVE-2024-1753

openSUSE-SU-2024:13784-1

openSUSE-SU-2024:13826-1

Related

Published

2024-03-18T15:15:41Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.

References

Affected packages