Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:8708 - Security Advisory
Issued:
2024-10-31
Updated:
2024-10-31

RHSA-2024:8708 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: buildah security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

Security Fix(es):

  • buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2317458 - CVE-2024-9675 buildah: Buildah allows arbitrary directory mount

CVEs

  • CVE-2024-9675

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
x86_64
buildah-1.29.4-1.el9_2.x86_64.rpm SHA-256: c7f8aec4e125277f38207164c2bc06034bd63108d552c0346eaff604f7d41644
buildah-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: 08e27c3cb4f3e6be9b6c59eae67765c4ee5e756aed7421d083edb70a109fc428
buildah-debugsource-1.29.4-1.el9_2.x86_64.rpm SHA-256: 376768c40ed4aefee627d1217a333855690fe6aa937c588e84ccb4f5c5a9e914
buildah-tests-1.29.4-1.el9_2.x86_64.rpm SHA-256: 595a986a1cbb19e733f9a7739f084da601c86440b4de4f48030cccaa1ac6968b
buildah-tests-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: f8d278f197f701f913970f84a086efffd7b313e0c37ff0b980c15bb045dbe5b4

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
x86_64
buildah-1.29.4-1.el9_2.x86_64.rpm SHA-256: c7f8aec4e125277f38207164c2bc06034bd63108d552c0346eaff604f7d41644
buildah-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: 08e27c3cb4f3e6be9b6c59eae67765c4ee5e756aed7421d083edb70a109fc428
buildah-debugsource-1.29.4-1.el9_2.x86_64.rpm SHA-256: 376768c40ed4aefee627d1217a333855690fe6aa937c588e84ccb4f5c5a9e914
buildah-tests-1.29.4-1.el9_2.x86_64.rpm SHA-256: 595a986a1cbb19e733f9a7739f084da601c86440b4de4f48030cccaa1ac6968b
buildah-tests-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: f8d278f197f701f913970f84a086efffd7b313e0c37ff0b980c15bb045dbe5b4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
s390x
buildah-1.29.4-1.el9_2.s390x.rpm SHA-256: 33cd13b6cf874283e755765bcba7ba1d613de7e542c4369696fde8abeb117196
buildah-debuginfo-1.29.4-1.el9_2.s390x.rpm SHA-256: 68fb7e74c351a6a79168a22cbbf592ad03c50e6cead81b0cf4ceb3557234f27b
buildah-debugsource-1.29.4-1.el9_2.s390x.rpm SHA-256: 889111532aaaa23b58dda874fe2ca733e1ee6fef579c8b10da3d82e2445cff4b
buildah-tests-1.29.4-1.el9_2.s390x.rpm SHA-256: c51ea434d3f933b25b1635aab92c8cb55b6e20567b2ac2c02e0d40b80a87cc5e
buildah-tests-debuginfo-1.29.4-1.el9_2.s390x.rpm SHA-256: 2d7158bae2cf267338211ae5dd4e8b9024cd5e13fd596a5678911bb9c601002e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
ppc64le
buildah-1.29.4-1.el9_2.ppc64le.rpm SHA-256: aced9dd7564e2a5d2b4c582cbd4ce2526eff6265617200a74ee7de122df5aa0d
buildah-debuginfo-1.29.4-1.el9_2.ppc64le.rpm SHA-256: a5b381bc0aba57c75ede13b779b819b35ddc8d165f2a220270758b24d85111ea
buildah-debugsource-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 438da367447910a905b17cff191f02fec07487703ee103995f11ba936cb2fcdf
buildah-tests-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 6dba5baeed4de78bb430e24d7ae35021c5ab718884e8af12e1f5a9effd3966a3
buildah-tests-debuginfo-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 18e1e02bef5141ee27d4d6bada36b0a14601c0a42c6bd8f57d3dcbdea8ce58fc

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
aarch64
buildah-1.29.4-1.el9_2.aarch64.rpm SHA-256: a5c5a9c0e87a70a4552841a3793a8db1a88cf786296e6b31d4da200058b79e2d
buildah-debuginfo-1.29.4-1.el9_2.aarch64.rpm SHA-256: 7e68fbcb656d058c6ff28f241237b7ff2211c8145ace1b4e19ec12d7d5cf2ed8
buildah-debugsource-1.29.4-1.el9_2.aarch64.rpm SHA-256: 1e24b153db42b39224be9c392cd0a31f91838a7354944b52012732a078371436
buildah-tests-1.29.4-1.el9_2.aarch64.rpm SHA-256: 3cb70af12bbc1ff1c54065e5accc9fadf4a9485e9aac579d1e4a56751bc5e0c7
buildah-tests-debuginfo-1.29.4-1.el9_2.aarch64.rpm SHA-256: 8905d36a13e5381541acd60550b5b013d8d01d5c1c19946880aaa5ff859f0e17

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
ppc64le
buildah-1.29.4-1.el9_2.ppc64le.rpm SHA-256: aced9dd7564e2a5d2b4c582cbd4ce2526eff6265617200a74ee7de122df5aa0d
buildah-debuginfo-1.29.4-1.el9_2.ppc64le.rpm SHA-256: a5b381bc0aba57c75ede13b779b819b35ddc8d165f2a220270758b24d85111ea
buildah-debugsource-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 438da367447910a905b17cff191f02fec07487703ee103995f11ba936cb2fcdf
buildah-tests-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 6dba5baeed4de78bb430e24d7ae35021c5ab718884e8af12e1f5a9effd3966a3
buildah-tests-debuginfo-1.29.4-1.el9_2.ppc64le.rpm SHA-256: 18e1e02bef5141ee27d4d6bada36b0a14601c0a42c6bd8f57d3dcbdea8ce58fc

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
x86_64
buildah-1.29.4-1.el9_2.x86_64.rpm SHA-256: c7f8aec4e125277f38207164c2bc06034bd63108d552c0346eaff604f7d41644
buildah-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: 08e27c3cb4f3e6be9b6c59eae67765c4ee5e756aed7421d083edb70a109fc428
buildah-debugsource-1.29.4-1.el9_2.x86_64.rpm SHA-256: 376768c40ed4aefee627d1217a333855690fe6aa937c588e84ccb4f5c5a9e914
buildah-tests-1.29.4-1.el9_2.x86_64.rpm SHA-256: 595a986a1cbb19e733f9a7739f084da601c86440b4de4f48030cccaa1ac6968b
buildah-tests-debuginfo-1.29.4-1.el9_2.x86_64.rpm SHA-256: f8d278f197f701f913970f84a086efffd7b313e0c37ff0b980c15bb045dbe5b4

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
aarch64
buildah-1.29.4-1.el9_2.aarch64.rpm SHA-256: a5c5a9c0e87a70a4552841a3793a8db1a88cf786296e6b31d4da200058b79e2d
buildah-debuginfo-1.29.4-1.el9_2.aarch64.rpm SHA-256: 7e68fbcb656d058c6ff28f241237b7ff2211c8145ace1b4e19ec12d7d5cf2ed8
buildah-debugsource-1.29.4-1.el9_2.aarch64.rpm SHA-256: 1e24b153db42b39224be9c392cd0a31f91838a7354944b52012732a078371436
buildah-tests-1.29.4-1.el9_2.aarch64.rpm SHA-256: 3cb70af12bbc1ff1c54065e5accc9fadf4a9485e9aac579d1e4a56751bc5e0c7
buildah-tests-debuginfo-1.29.4-1.el9_2.aarch64.rpm SHA-256: 8905d36a13e5381541acd60550b5b013d8d01d5c1c19946880aaa5ff859f0e17

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
buildah-1.29.4-1.el9_2.src.rpm SHA-256: 007ce6c3325dac0d3327545957804ebcef37829fe5f56432e98988a8b5131264
s390x
buildah-1.29.4-1.el9_2.s390x.rpm SHA-256: 33cd13b6cf874283e755765bcba7ba1d613de7e542c4369696fde8abeb117196
buildah-debuginfo-1.29.4-1.el9_2.s390x.rpm SHA-256: 68fb7e74c351a6a79168a22cbbf592ad03c50e6cead81b0cf4ceb3557234f27b
buildah-debugsource-1.29.4-1.el9_2.s390x.rpm SHA-256: 889111532aaaa23b58dda874fe2ca733e1ee6fef579c8b10da3d82e2445cff4b
buildah-tests-1.29.4-1.el9_2.s390x.rpm SHA-256: c51ea434d3f933b25b1635aab92c8cb55b6e20567b2ac2c02e0d40b80a87cc5e
buildah-tests-debuginfo-1.29.4-1.el9_2.s390x.rpm SHA-256: 2d7158bae2cf267338211ae5dd4e8b9024cd5e13fd596a5678911bb9c601002e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility