CVE ID:	CVE-2024-1753
Description:	A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.
Test IDs:	1.3.6.1.4.1.25623.1.1.4.2024.1142.1   1.3.6.1.4.1.25623.1.1.18.2.2024.1143.1   1.3.6.1.4.1.25623.1.0.856054   1.3.6.1.4.1.25623.1.1.4.2024.3186.1   1.3.6.1.4.1.25623.1.1.4.2024.1145.1   1.3.6.1.4.1.25623.1.1.18.2.2024.3151.1   1.3.6.1.4.1.25623.1.0.886328   1.3.6.1.4.1.25623.1.0.856457   1.3.6.1.4.1.25623.1.0.856418   1.3.6.1.4.1.25623.1.0.856055   1.3.6.1.4.1.25623.1.0.856048   1.3.6.1.4.1.25623.1.1.9.2024.10010032102390983   1.3.6.1.4.1.25623.1.0.886330   1.3.6.1.4.1.25623.1.1.4.2024.1144.1   1.3.6.1.4.1.25623.1.0.886332   1.3.6.1.4.1.25623.1.1.4.2024.3120.1   1.3.6.1.4.1.25623.1.1.4.2024.1059.1   1.3.6.1.4.1.25623.1.1.4.2024.1058.1   1.3.6.1.4.1.25623.1.0.856042
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2024-1753 RHBZ#2265513 https://bugzilla.redhat.com/show_bug.cgi?id=2265513 RHSA-2024:2049 https://access.redhat.com/errata/RHSA-2024:2049 RHSA-2024:2055 https://access.redhat.com/errata/RHSA-2024:2055 RHSA-2024:2064 https://access.redhat.com/errata/RHSA-2024:2064 RHSA-2024:2066 https://access.redhat.com/errata/RHSA-2024:2066 RHSA-2024:2077 https://access.redhat.com/errata/RHSA-2024:2077 RHSA-2024:2084 https://access.redhat.com/errata/RHSA-2024:2084 RHSA-2024:2089 https://access.redhat.com/errata/RHSA-2024:2089 RHSA-2024:2090 https://access.redhat.com/errata/RHSA-2024:2090 RHSA-2024:2097 https://access.redhat.com/errata/RHSA-2024:2097 RHSA-2024:2098 https://access.redhat.com/errata/RHSA-2024:2098 RHSA-2024:2548 https://access.redhat.com/errata/RHSA-2024:2548 RHSA-2024:2645 https://access.redhat.com/errata/RHSA-2024:2645 RHSA-2024:2669 https://access.redhat.com/errata/RHSA-2024:2669 RHSA-2024:2672 https://access.redhat.com/errata/RHSA-2024:2672 RHSA-2024:2784 https://access.redhat.com/errata/RHSA-2024:2784 RHSA-2024:2877 https://access.redhat.com/errata/RHSA-2024:2877 RHSA-2024:3254 https://access.redhat.com/errata/RHSA-2024:3254 https://access.redhat.com/security/cve/CVE-2024-1753 https://access.redhat.com/security/cve/CVE-2024-1753 https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/