Alpine: multiple docker packages: security update to 25.0.2-r0

critical Tenable Cloud Security Plugin ID 427152

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and
repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for
running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to
run a container with elevated privileges. Normally, running such containers is only allowed if special
`security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user
initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from
untrusted sources. (CVE-2024-23653)

- BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and
repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to
BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using
BuildKit frontends from untrusted sources. (CVE-2024-23650)

- BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and
repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with
subpaths could cause a race condition that can lead to files from the host system being accessible to the
build container. The issue has been fixed in v0.12.5. Workarounds include, avoiding using BuildKit
frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts with
--mount=type=cache,source=... options. (CVE-2024-23651)

- BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and
repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature
that removes empty files created for the mountpoints into removing a file outside the container, from the
host system. The issue has been fixed in v0.12.5. Workarounds include avoiding using BuildKit frontends
from an untrusted source or building an untrusted Dockerfile containing RUN --mount feature.
(CVE-2024-23652)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-23650

https://security.alpinelinux.org/vuln/CVE-2024-23651

https://security.alpinelinux.org/vuln/CVE-2024-23652

https://security.alpinelinux.org/vuln/CVE-2024-23653

https://security.alpinelinux.org/vuln/CVE-2024-24557

https://security.alpinelinux.org/vuln/CVE-2024-29018

Plugin Details

Severity: Critical

ID: 427152

Version: Revision 1.6

Type: Local

Published: 5/16/2025

Updated: 1/5/2026

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 97.07

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-23653

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/31/2024

Reference Information

CVE: CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-24557, CVE-2024-29018

IAVA: 2024-A-0071