FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2024-9341

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Oct 1, 2024 / Updated: 49d ago

010
CVSS 5.4EPSS 0.07%Medium
CVE info copied to clipboard

A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N

Timeline

Vendor Advisory

RedHat CVE advisory released a security advisory (CVE-2024-9341).

Oct 1, 2024 at 4:15 PM
CVSS

A CVSS base score of 5.4 has been assigned.

Oct 1, 2024 at 4:15 PM / redhat-cve-advisories
First Article

Feedly found the first article mentioning CVE-2024-9341. See article

Oct 1, 2024 at 4:15 PM / Red Hat CVE Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 1, 2024 at 4:15 PM
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 1, 2024 at 7:00 PM
CVE Assignment

NVD published the first details for CVE-2024-9341

Oct 1, 2024 at 7:15 PM
Vendor Advisory

GitHub Advisories released a security advisory.

Oct 1, 2024 at 9:31 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (6246593)

Oct 2, 2024 at 7:53 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (6246591)

Oct 2, 2024 at 7:53 AM
Static CVE Timeline Graph

Affected Systems

Redhat/openshift_container_platform
+null more

Patches

bugzilla.redhat.com
+null more

Links to Mitre Att&cks

T1547.009: Shortcut Modification
+null more

Attack Patterns

CAPEC-132: Symlink Attack
+null more

References

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12
Security feed from CyberSecurity Help / 12d
The vulnerability exists due to NULL pointer dereference within the rpcrdma_ep_create() function in net/sunrpc/xprtrdma/verbs.c. A local user can perform a denial of service (DoS) attack. The vulnerability exists due to NULL pointer dereference within the TEMP_TO_REG() and w83793_detect_subclients() functions in drivers/hwmon/w83793.c. A local user can perform a denial of service (DoS) attack.
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.14
Security feed from CyberSecurity Help / 27d
The vulnerability allows a local user to perform a denial of service (DoS) attack. The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.

News

KRB5, Python, Libvirt, and more updates for AlmaLinux
Linux Compatible / 22h
The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2024-9452.html
SUSE update for buildah
Security feed from CyberSecurity Help / 1d
This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue can be exploited to mount sensitive directories from the host into a container during the build process and,
ALINUX3-SA-2024:0241: container-tools:rhel8 security update (Important)
Alibaba Cloud Linux 3 Security Advisories / 1d
Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-9341: A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. CVE-2024-9407: A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files.
SUSE SLES15 Security Update : buildah (SUSE-SU-2024:3988-1)
Newest Plugins from Tenable / 4d
The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3988-1 advisory. The remote SUSE host is missing one or more security updates.
suse_linux SUSE-SU-2024:3988-1: SUSE SLES15 : Security update for buildah (Important) (SUSE-SU-2024:3988-1)
In Progress Plugin Pipeline from Tenable / 4d
Development Last Updated: 11/15/2024 CVEs: CVE-2024-9407 , CVE-2024-9676 , CVE-2024-9675 , CVE-2024-9341
See 112 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:High
Privileges Required:Low
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:Low
Availability Impact:None

Categories

CVSS 5.4(34618)CWE-59(1181)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial