CVE-2021-3602: An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile…

CVE-2021-3602 Environment variable leakage in github.com/containers/buildah Environment variable leakage in github.com/containers/buildah The RunUsingChroot function unintentionally propagates environment variables from the current process to the child process.

CVE-2021-3602 [MEDIUM] CVE-2021-3602: An information disclosure flaw was found in Buildah, when building containers using chroot isolation An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).

CVE-2021-3602 [MEDIUM] Buildah processes using chroot isolation may leak environment values to intermediate processes Buildah processes using chroot isolation may leak environment values to intermediate processes ### Impact When running processes using "chroot" isolation, the process being run can examine the environment variables of its immediate parent and grandparent processes (CVE-2021-3602). This isolation type is often used when running `buildah` in unprivileged containers, and it is often used to do so in CI/CD environments. If sensitive information is exposed to the original `buildah` process through its environment, that information will unintentionally be shared with child processes which it starts as part of handling RUN instructions or during `buildah run`. The commands that `buildah` is instructed to run can read that information if they choose to. ### Patches Users should upgrade packages,

CVE-2021-3602 [MEDIUM] CWE-200 Buildah processes using chroot isolation may leak environment values to intermediate processes Buildah processes using chroot isolation may leak environment values to intermediate processes ### Impact When running processes using "chroot" isolation, the process being run can examine the environment variables of its immediate parent and grandparent processes (CVE-2021-3602). This isolation type is often used when running `buildah` in unprivileged containers, and it is often used to do so in CI/CD environments. If sensitive information is exposed to the original `buildah` process through its environment, that information will unintentionally be shared with child processes which it starts as part of handling RUN instructions or during `buildah run`. The commands that `buildah` is instructed to run can read that information if they choose to. ### Patches Users should upgrade packages,

CVE-2021-3602 [MEDIUM] CWE-212 An information disclosure flaw was found in Buildah when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variabl An information disclosure flaw was found in Buildah when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source li

CVE-2021-3602 [MEDIUM] CWE-200 buildah: Host environment variables leaked in build container when using chroot isolation buildah: Host environment variables leaked in build container when using chroot isolation An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. W

CVE-2021-3602 [MEDIUM] CVE-2021-3602: golang-github-containers-buildah - An information disclosure flaw was found in Buildah, when building containers us... An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). Scope: local bookworm: resolved (fixed in 1.22.3+ds1-1) bullseye: open forky: resolved (fixed in 1.22.3+ds1-1) sid: resolved (fixed in 1.22.3+ds1-1) trixie: resolved (fixed in 1.22.3+ds1-1)

CVE-2022-3602 7th November– Threat Intelligence Report Latest Publications CPR Podcast Channel AI Research Web 3.0 Security Intelligence Reports ThreatCloud AI Threat Intelligence & Research Zero Day Protection Sandblast File Analysis About Us SUBSCRIBE 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 ## 7th November– Threat Intelligence Report For the latest discoveries in cyber research for the week of 7th November, please download our Threat Intelligence Bulletin . Top Attacks and Breaches Two European automotive companies were hit by ransomware – The German multinational group Continental was hit by LockBit ransomware gang and the breached data has been published on Lockbit’s leak site. Italian company Landi Renzo was breached by Hive. Check Point Harmony Endpoint, Anti-Bot and Threat Emulation provide pro