CVE-2024-23650
published 2024-01-31CVE-2024-23650: BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend…
PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EPSS
0.96%
57.0th percentile
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | moby_buildkit | >= 0 < 0.12.5 | 0.12.5 |
| moby | buildkit | < 0.12.5 | 0.12.5 |
| mobyproject | buildkit | < 0.12.5 | 0.12.5 |
| msrc | azl3_docker-buildx_0.12.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_docker-buildx_0.14.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_docker-compose_2.24.6-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_docker-compose_2.27.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_moby-engine_20.10.25-3_on_azure_linux_3.0 | — | — |
| msrc | azl3_moby-engine_25.0.3-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_moby-compose_2.17.3-10_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_moby-compose_2.17.3-5_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_moby-engine_24.0.9-14_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_moby-engine_24.0.9-16_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv5.3MEDIUM
vendor_msrc5.3MEDIUM
vendor_redhat5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
moby/buildkit: Possible race condition with accessing subpaths from cache mounts
vendor_redhat·2024-01-31·CVSS 5.3
CVE-2024-23650 [MEDIUM] CWE-754 moby/buildkit: Possible race condition with accessing subpaths from cache mounts
moby/buildkit: Possible race condition with accessing subpaths from cache mounts
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
A vulnerability was found in the Moby Builder Toolkit. A malicious BuildKit client or any frontend that can craft a request could lead to the BuildKit daemon crashing with a panic due to the lack of input validation. A frontend is usually specified as the #syntax line on a Dockerfile or with the --frontend flag when using the buildctl build command.
Mitigation: Avoi
Microsoft
BuildKit possible panic when incorrect parameters sent from frontend
vendor_msrc·2024-01-09·CVSS 5.3
CVE-2024-23650 [MEDIUM] CWE-754 BuildKit possible panic when incorrect parameters sent from frontend
BuildKit possible panic when incorrect parameters sent from frontend
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Refer
OSV
Panic in github.com/moby/buildkit
osv·2024-02-12
CVE-2024-23650 Panic in github.com/moby/buildkit
Panic in github.com/moby/buildkit
A malicious BuildKit client or frontend could craft a request that could lead to a BuildKit daemon crashing with a panic.
OSV
CVE-2024-23650: BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner
osv·2024-01-31·CVSS 5.3
CVE-2024-23650 [MEDIUM] CVE-2024-23650: BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.
OSV
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
osv·2024-01-31
CVE-2024-23650 [MEDIUM] BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
### Impact
A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic.
### Patches
The issue has been fixed in v0.12.5
### Workarounds
Avoid using BuildKit frontends from untrusted sources. A frontend image is usually specified as the `#syntax` line on your Dockerfile, or with `--frontend` flag when using `buildctl build` command.
### References
GHSA
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
ghsa·2024-01-31
CVE-2024-23650 [MEDIUM] CWE-754 BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
### Impact
A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic.
### Patches
The issue has been fixed in v0.12.5
### Workarounds
Avoid using BuildKit frontends from untrusted sources. A frontend image is usually specified as the `#syntax` line on your Dockerfile, or with `--frontend` flag when using `buildctl build` command.
### References
No detection rules found.
No public exploits indexed.
https://github.com/moby/buildkit/pull/4601https://github.com/moby/buildkit/releases/tag/v0.12.5https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hxhttps://github.com/moby/buildkit/pull/4601https://github.com/moby/buildkit/releases/tag/v0.12.5https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx
2024-01-31
Published