{"id":"CVE-2024-23652","summary":"BuildKit possible host system access from mount stub cleaner","details":"BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include not using BuildKit frontends from an untrusted source and not building an untrusted Dockerfile that uses the RUN --mount feature.","aliases":["GHSA-4v98-7qmw-rqr8","GO-2024-2494"],"modified":"2026-04-02T09:59:59.465603Z","published":"2024-01-31T21:57:42.774Z","related":["CGA-hf9m-rh54-hc2x","SUSE-SU-2024:0586-1","SUSE-SU-2024:0586-2","SUSE-SU-2024:0587-1","SUSE-SU-2024:1469-1","SUSE-SU-2024:3120-1","SUSE-SU-2025:03540-1","SUSE-SU-2025:03545-1","SUSE-SU-2025:20056-1","SUSE-SU-2025:20107-1","openSUSE-SU-2024:13651-1","openSUSE-SU-2024:13689-1","openSUSE-SU-2024:14059-1","openSUSE-SU-2025:15589-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/23xxx/CVE-2024-23652.json","cwe_ids":["CWE-22"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://github.com/moby/buildkit/releases/tag/v0.12.5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/23xxx/CVE-2024-23652.json"},{"type":"ADVISORY","url":"https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23652"},{"type":"FIX","url":"https://github.com/moby/buildkit/pull/4603"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moby/buildkit","events":[{"introduced":"0"},{"fixed":"bac3f2b673f3f9d33e79046008e7a38e856b3dc6"}]}],"versions":["dockerfile/0.9.0","dockerfile/0.9.0-experimental","dockerfile/1.0.0","dockerfile/1.0.0-experimental","docker
file/1.0.1","dockerfile/1.0.1-experimental","dockerfile/1.0.2-experimental","dockerfile/1.1.0","dockerfile/1.1.0-experimental","dockerfile/1.1.1","dockerfile/1.1.1-experimental","dockerfile/1.1.2","dockerfile/1.1.2-experimental","dockerfile/1.1.3","dockerfile/1.1.3-experimental","dockerfile/1.1.4","dockerfile/1.1.4-experimental","dockerfile/1.1.5","dockerfile/1.1.5-experimental","dockerfile/1.1.6","dockerfile/1.1.6-experimental","dockerfile/1.1.6-rc1","dockerfile/1.1.6-rc1-experimental","dockerfile/1.1.7","dockerfile/1.1.7-experimental","dockerfile/1.10.0","dockerfile/1.10.0-labs","dockerfile/1.10.0-rc1","dockerfile/1.10.0-rc1-labs","dockerfile/1.11.0","dockerfile/1.11.0-labs","dockerfile/1.11.0-rc1","dockerfile/1.11.0-rc1-labs","dockerfile/1.11.0-rc2","dockerfile/1.11.0-rc2-labs","dockerfile/1.11.1","dockerfile/1.11.1-labs","dockerfile/1.12.0","dockerfile/1.12.0-labs","dockerfile/1.12.0-rc1","dockerfile/1.12.0-rc1-labs","dockerfile/1.12.1","dockerfile/1.12.1-labs","dockerfile/1.13.0","dockerfile/1.13.0-labs","dockerfile/1.13.0-rc1","dockerfile/1.13.0-rc1-labs","dockerfile/1.14.0","dockerfile/1.14.0-labs","dockerfile/1.14.0-rc1","dockerfile/1.14.0-rc1-labs","dockerfile/1.14.0-rc2","dockerfile/1.14.0-rc2-labs","dockerfile/1.14.0-rc3","dockerfile/1.14.0-rc3-labs","dockerfile/1.14.1","dockerfile/1.14.1-labs","dockerfile/1.15.0","dockerfile/1.15.0-labs","dockerfile/1.15.0-rc1","dockerfile/1.15.0-rc1-labs","dockerfile/1.15.0-rc2","dockerfile/1.15.0-rc2-labs","dockerfile/1.15.1","dockerfile/1.15.1-labs","dockerfile/1.16.0","dockerfile/1.16.0-labs","dockerfile/1.16.0-rc1","dockerfile/1.16.0-rc1-labs","dockerfile/1.16.0-rc2","dockerfile/1.16.0-rc2-labs","dockerfile/1.17.0","dockerfile/1.17.0-labs","dockerfile/1.17.0-rc1","dockerfile/1.17.0-rc1-labs","dockerfile/1.17.1","dockerfile/1.17.1-labs","dockerfile/1.18.0","dockerfile/1.18.0-labs","dockerfile/1.18.0-rc1","dockerfile/1.18.0-rc1-labs","dockerfile/1.18.0-rc2","dockerfile/1.18.0-rc2-labs","dockerfile/1.19.0","dockerfile/
1.19.0-labs","dockerfile/1.19.0-rc1","dockerfile/1.19.0-rc1-labs","dockerfile/1.2.0","dockerfile/1.2.0-labs","dockerfile/1.2.0-rc1","dockerfile/1.2.0-rc1-labs","dockerfile/1.2.1","dockerfile/1.2.1-labs","dockerfile/1.20.0","dockerfile/1.20.0-labs","dockerfile/1.20.0-rc1","dockerfile/1.20.0-rc1-labs","dockerfile/1.21.0","dockerfile/1.21.0-labs","dockerfile/1.21.0-rc1","dockerfile/1.21.0-rc1-labs","dockerfile/1.22.0","dockerfile/1.22.0-labs","dockerfile/1.22.0-rc1","dockerfile/1.22.0-rc1-labs","dockerfile/1.22.0-rc2","dockerfile/1.22.0-rc2-labs","dockerfile/1.23.0","dockerfile/1.23.0-labs","dockerfile/1.23.0-rc1","dockerfile/1.23.0-rc1-labs","dockerfile/1.3.0","dockerfile/1.3.0-labs","dockerfile/1.3.0-rc1","dockerfile/1.3.0-rc1-labs","dockerfile/1.3.1","dockerfile/1.3.1-labs","dockerfile/1.4.0","dockerfile/1.4.0-labs","dockerfile/1.4.0-labs-rc1","dockerfile/1.4.0-labs-rc2","dockerfile/1.4.0-rc1","dockerfile/1.4.0-rc2","dockerfile/1.4.1","dockerfile/1.4.1-labs","dockerfile/1.4.2","dockerfile/1.4.2-labs","dockerfile/1.4.3","dockerfile/1.4.3-labs","dockerfile/1.5.0","dockerfile/1.5.0-labs","dockerfile/1.5.0-rc1","dockerfile/1.5.0-rc1-labs","dockerfile/1.5.0-rc2","dockerfile/1.5.0-rc2-labs","dockerfile/1.5.0-rc3","dockerfile/1.5.0-rc3-labs","dockerfile/1.5.1","dockerfile/1.5.1-labs","dockerfile/1.5.2","dockerfile/1.5.2-labs","dockerfile/1.6.0","dockerfile/1.6.0-labs","dockerfile/1.6.0-rc1","dockerfile/1.6.0-rc1-labs","dockerfile/1.6.0-rc2","dockerfile/1.6.0-rc2-labs","dockerfile/1.7.0","dockerfile/1.7.0-labs","dockerfile/1.7.0-rc1","dockerfile/1.7.0-rc1-labs","dockerfile/1.7.1","dockerfile/1.7.1-labs","dockerfile/1.8.0","dockerfile/1.8.0-labs","dockerfile/1.8.0-rc1","dockerfile/1.8.0-rc1-labs","dockerfile/1.8.0-rc2","dockerfile/1.8.0-rc2-labs","dockerfile/1.8.1","dockerfile/1.8.1-labs","dockerfile/1.9.0","dockerfile/1.9.0-labs","dockerfile/1.9.0-rc1","dockerfile/1.9.0-rc1-labs","dockerfile/1.9.0-rc2","dockerfile/1.9.0-rc2-labs","v0.10.0","v0.10.0-rc1","v0.10.0-rc2","v0.10
.1","v0.10.2","v0.10.3","v0.10.4","v0.10.5","v0.10.6","v0.11.0","v0.11.0-rc1","v0.11.0-rc2","v0.11.0-rc3","v0.11.0-rc4","v0.11.1","v0.11.2","v0.11.3","v0.11.4","v0.11.5","v0.11.6","v0.12.0","v0.12.0-rc1","v0.12.0-rc2","v0.12.1","v0.12.2","v0.12.3","v0.12.4","v0.13.0","v0.13.0-beta1","v0.13.0-beta2","v0.13.0-beta3","v0.13.0-rc1","v0.13.0-rc2","v0.13.0-rc3","v0.13.1","v0.13.2","v0.14.0","v0.14.0-rc1","v0.14.0-rc2","v0.14.1","v0.15.0","v0.15.0-rc1","v0.15.0-rc2","v0.15.1","v0.15.2","v0.16.0","v0.16.0-rc1","v0.16.0-rc2","v0.17.0","v0.17.0-rc1","v0.17.0-rc2","v0.17.1","v0.17.2","v0.17.3","v0.18.0","v0.18.0-rc1","v0.18.0-rc2","v0.18.1","v0.18.2","v0.19.0","v0.19.0-rc1","v0.19.0-rc2","v0.19.0-rc3","v0.20.0","v0.20.0-rc1","v0.20.0-rc2","v0.20.0-rc3","v0.20.1","v0.20.2","v0.21.0","v0.21.0-rc1","v0.21.0-rc2","v0.21.1","v0.22.0","v0.22.0-rc1","v0.22.0-rc2","v0.23.0","v0.23.0-rc1","v0.23.0-rc2","v0.23.1","v0.23.2","v0.24.0","v0.24.0-rc1","v0.24.0-rc2","v0.25.0","v0.25.0-rc1","v0.25.1","v0.25.2","v0.26.0","v0.26.0-rc1","v0.26.0-rc2","v0.26.1","v0.26.2","v0.26.3","v0.27.0","v0.27.0-rc1","v0.27.0-rc2","v0.27.1","v0.28.0","v0.28.0-rc1","v0.28.0-rc2","v0.28.1","v0.29.0","v0.29.0-rc1","v0.3.0","v0.3.1","v0.3.2","v0.3.3","v0.4.0","v0.5.0","v0.5.1","v0.6.0","v0.6.1","v0.6.2","v0.6.3","v0.6.4","v0.7.0","v0.7.0-rc1","v0.7.1","v0.7.2","v0.8.0","v0.8.0-rc1","v0.8.0-rc2","v0.8.0-rc3","v0.8.1","v0.8.2","v0.8.3","v0.9.0","v0.9.0-rc1","v0.9.0-rc2","v0.9.1","v0.9.2","v0.9.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-23652.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H"}]}