High severityNVD Advisory· Published Nov 29, 2024· Updated Dec 4, 2024
CVE-2024-36621
CVE-2024-36621
Description
moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/moby/mobyGo | < 26.0.0 | 26.0.0 |
Affected products
49- osv-coords48 versionspkg:apk/chainguard/cmctl-1.12pkg:apk/chainguard/docker-machine-driver-harvesterpkg:apk/chainguard/kubevelapkg:apk/chainguard/kubevela-vela-clipkg:apk/chainguard/kubevela-vela-corepkg:apk/chainguard/kubevela-vela-core-compatpkg:apk/chainguard/pulumipkg:apk/chainguard/pulumi-language-gopkg:apk/chainguard/pulumi-language-nodejspkg:apk/chainguard/pulumi-language-pythonpkg:apk/chainguard/py3.10-dockerpkg:apk/chainguard/py3.11-dockerpkg:apk/chainguard/py3.12-dockerpkg:apk/chainguard/py3.13-dockerpkg:apk/chainguard/py3-dockerpkg:apk/chainguard/rancher-2.10pkg:apk/chainguard/rancher-2.11pkg:apk/chainguard/rancher-agent-2.10pkg:apk/chainguard/rancher-agent-2.8pkg:apk/chainguard/rancher-agent-2.9pkg:apk/chainguard/rancher-machinepkg:apk/chainguard/vela-clipkg:apk/chainguard/vela-corepkg:apk/wolfi/cmctl-1.12pkg:apk/wolfi/docker-machine-driver-harvesterpkg:apk/wolfi/kubevelapkg:apk/wolfi/kubevela-vela-clipkg:apk/wolfi/kubevela-vela-corepkg:apk/wolfi/kubevela-vela-core-compatpkg:apk/wolfi/pulumipkg:apk/wolfi/pulumi-language-gopkg:apk/wolfi/pulumi-language-nodejspkg:apk/wolfi/pulumi-language-pythonpkg:apk/wolfi/py3.10-dockerpkg:apk/wolfi/py3.11-dockerpkg:apk/wolfi/py3.12-dockerpkg:apk/wolfi/py3.13-dockerpkg:apk/wolfi/py3-dockerpkg:apk/wolfi/rancher-2.10pkg:apk/wolfi/rancher-2.11pkg:apk/wolfi/rancher-agent-2.10pkg:apk/wolfi/rancher-agent-2.8pkg:apk/wolfi/rancher-agent-2.9pkg:apk/wolfi/rancher-machinepkg:apk/wolfi/vela-clipkg:apk/wolfi/vela-corepkg:golang/github.com/moby/mobypkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
< 1.12.17-r10+ 47 more
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 1.0.5-r0
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.15.0.137-r0
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.12.17-r10
- (no CPE)range: < 1.0.5-r0
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 3.142.0-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.15.0.137-r0
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 1.9.13-r2
- (no CPE)range: < 26.0.0
- (no CPE)range: < 0.0.20241209T183251-1.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-2mj3-vfvx-fc43ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-36621ghsaADVISORY
- gist.github.com/1047524396/5d44459edab5fafcdf86b43909b81135ghsaWEB
- github.com/moby/moby/blob/v25.0.5/builder/builder-next/adapters/snapshot/layer.goghsaWEB
- github.com/moby/moby/commit/37545cc644344dcb576cba67eb7b6f51a463d31eghsaWEB
News mentions
0No linked articles in our index yet.