BuildKit interactive containers API does not validate entitlements check

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if special `security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from untrusted sources.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

授权机制不正确

BuildKit 安全漏洞

BuildKit是并发、高速缓存高效且与 Dockerfile 无关的构建器工具包。 BuildKit v0.12.4版本及之前版本存在安全漏洞。攻击者利用该漏洞可以使用 API 来提升权限运行容器。

N/A

N/A