4.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-3056

GHSA ID

GHSA-rpcc-p8xm-rc6p

EPSS Score

0.46079%

CWE

CWE-400

Published

8/2/2024

Updated

12/27/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-3056

CVE-2024-3056: Podman vulnerable to memory-based denial of service

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as podman run --restart=always, this can result in a memory-based denial of service of the system.

(GitHub Advisory)

4.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-3056

GHSA ID

GHSA-rpcc-p8xm-rc6p

EPSS Score

0.46079%

CWE

CWE-400

Published

8/2/2024

Updated

12/27/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions
github.com/containers/podman/v5	go	<= 5.2.0
github.com/containers/podman	go	<= 5.2.0
github.com/containers/podman/v2	go	<= 5.2.0
github.com/containers/podman/v3	go	<= 5.2.0
github.com/containers/podman/v4	go	<= 5.2.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper IPC resource management in shared namespaces during container lifecycle events. Key functions involved in cleanup (cleanup), removeContainer and restart logic (restartWithPolicy) likely fail to detach or release IPC resources tied to namespaces held by other containers. This allows malicious containers to repeatedly exhaust memory via /dev/shm. The confidence is medium due to the absence of explicit patch details, but the functions align with described behavior in vulnerability reports and Red Hat bugzilla discussions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *l*w w*s *oun* in Po*m*n. T*is issu* m*y *llow *n *tt**k*r to *r**t* * sp**i*lly *r**t** *ont*in*r t**t, w**n *on*i*ur** to s**r* t** s*m* IP* wit* *t l**st on* ot**r *ont*in*r, **n *r**t* * l*r** num**r o* IP* r*sour**s in /**v/s*m. T** m*li*ious

Reasoning

T** vuln*r**ility st*ms *rom improp*r IP* r*sour** m*n***m*nt in s**r** n*m*sp***s *urin* *ont*in*r li***y*l* *v*nts. K*y *un*tions involv** in *l**nup (`*l**nup`), r*mov**ont*in*r *n* r*st*rt lo*i* (`r*st*rtWit*Poli*y`) lik*ly **il to **t*** or r*l*

4.8

Basic Information

Concerned about an active attack path?

CVE-2024-3056: Podman vulnerable to memory-based denial of service

4.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI