CVE-2024-36621

Published: Nov 29, 2024

Modified: Dec 4, 2024

PUBLISHED

Description

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/moby/moby/commit/37545cc644344dcb576cba67eb7b6f51a463d31e

https://github.com/moby/moby/blob/v25.0.5/builder/builder-next/adapters/snapshot/layer.go#L24

https://gist.github.com/1047524396/5d44459edab5fafcdf86b43909b81135

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-36621

Description

Affected Products

References