CVE-2024-7625: Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking

August 15, 2024 (updated September 25, 2024)

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.

References

discuss.hashicorp.com/t/hcsec-2024-17-nomad-vulnerable-to-allocation-directory-escape-on-non-existing-file-paths-through-archive-unpacking/69293
github.com/advisories/GHSA-25qx-vfw2-fw8r
nvd.nist.gov/vuln/detail/CVE-2024-7625

Detect and mitigate CVE-2024-7625 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →