CVE-2024-23651
CVSS 3.1 Score 7.4 of 10 (high)
Details
Summary
CVE-2024-23651 is a vulnerability affecting BuildKit, a toolkit for converting source code into build artifacts. The issue arises when two malicious build steps run in parallel and share the same cache mounts with overlapping subpaths, causing a race condition that makes files from the host system accessible to the build container. The latest version, v0.12.5, includes a fix for this vulnerability. As a workaround, users can avoid using untrusted BuildKit frontends and avoid building untrusted Dockerfiles that contain cache mounts with --mount=type=cache,source=... options.
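The workaround above can be checked before a build runs. The following Python script is an added example, not code from the advisory or from BuildKit: it flags RUN instructions whose cache mount sets source= and compares a BuildKit version string against v0.12.5. The sample Dockerfile and all function names are constructed for illustration.

```python
import re

FIXED = (0, 12, 5)  # fixed BuildKit release named in the summary above

# Constructed sample Dockerfile (not taken from any real project).
SAMPLE = r"""FROM alpine:3.19
RUN --mount=type=cache,target=/root/.cache true
RUN --mount=type=cache,source=deps,target=/cache \
    --mount=type=bind,source=.,target=/src \
    make -C /src
"""

def logical_lines(text):
    """Yield (first_line_no, instruction) with backslash continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments never carry a mount flag
        if start is None:
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None
    if buf:
        yield start, buf

def risky_cache_mounts(dockerfile_text):
    """Return (line_no, flag) for every RUN cache mount that sets source=."""
    findings = []
    for no, instr in logical_lines(dockerfile_text):
        if not re.match(r"RUN\s", instr, re.I):
            continue
        for m in re.finditer(r"--mount=(\S+)", instr):
            opts = dict(p.partition("=")[::2] for p in m.group(1).split(","))
            # Only cache mounts with an explicit source match the workaround.
            if opts.get("type") == "cache" and "source" in opts:
                findings.append((no, m.group(0)))
    return findings

def buildkit_is_patched(version):
    """True if a version string such as 'v0.12.5' is at or above the fix."""
    return tuple(int(x) for x in re.findall(r"\d+", version)[:3]) >= FIXED

if __name__ == "__main__":
    for no, flag in risky_cache_mounts(SAMPLE):
        print(f"line {no}: review before building untrusted input: {flag}")
```

A finding is a prompt to review the Dockerfile's origin, since the workaround concerns untrusted Dockerfiles; upgrading to the fixed version removes the need for the check.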