CVE-2024-45496 is a flaw in Red Hat OpenShift Container Platform affecting the ose-openshift-controller-manager-container build process. During build initialization, the git-clone container is started with a privileged security context. Because this elevated privilege is insufficiently restricted, an attacker with developer-level access can supply a crafted .gitconfig file containing commands that are executed during the repository cloning process. This can result in arbitrary command execution on the underlying worker node and may enable compromise of the node hosting the build workload.
1 valid exploit after Mallory filtered fakes, detection scripts, and README-only repos (1 hidden).
The repository contains only three files: .gitattributes, a minimal Dockerfile, and a readme.md that provides the actual exploit steps and payload. The core technique is a supply-chain/CI attack: .gitattributes assigns the Dockerfile to a custom git filter (filter=dockerfile). The attacker then supplies a malicious .gitconfig (injected into the OpenShift build via a sourceSecret) that defines filter.dockerfile.smudge as a long shell command. When the build system checks out the repository, git applies the smudge filter to the Dockerfile and runs the attacker-controlled command inside the privileged git-clone container.

The smudge payload attempts a host escape by mounting /dev/vda4 to /mnt/h and writing into Fedora CoreOS ostree deployment paths. It drops a base64-decoded bash agent (agent.sh) and establishes persistence by replacing /usr/local/bin/kubenswrapper on the host with a wrapper that starts the agent in the background and then executes the original binary (renamed to kubenswrapper.real).

The agent implements a simple command channel: it repeatedly finds a running docker-build container via crictl, derives a host path under /var/lib/kubelet/pods/.../buildworkdir, scans input files for a 'helloworld:' prefix, evals the remainder as a shell command, and writes the output to OUTPUT.txt for retrieval in subsequent builds or logs (the Dockerfile cats /OUTPUT.txt).

Overall purpose: demonstrate exploitation of CVE-2024-45496 in an OpenShift build context by turning git checkout into code execution, then pivoting to node persistence and command execution via build artifacts.
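The pivot point of the technique above is that git itself executes the value of filter.<name>.smudge whenever it checks out a path whose .gitattributes entry carries filter=<name>. The following is an added example, not code from the exploit repository or from Red Hat: a small audit that a build pipeline or reviewer could run over a user-supplied .gitconfig (such as the contents of a sourceSecret) together with the repository's .gitattributes, before any clone happens. It parses git's config syntax directly (Python's configparser mishandles git's indented keys), flags config keys that git runs as shell commands, and reports whether a flagged filter driver is actually bound to a path. The list of dangerous keys is non-exhaustive, and the sample .gitconfig and .gitattributes are constructed for this example; the payload in the sample is a harmless marker and is only parsed, never executed.

```python
import re

# Git section header: [section] or [section "subsection"]
_SECTION_RE = re.compile(r'^\[\s*([A-Za-z0-9.-]+)(?:\s+"((?:[^"\\]|\\.)*)")?\s*\]$')

# Config keys whose values git itself runs as commands. Non-exhaustive, but
# every entry is something an attacker-controlled .gitconfig can use to run
# code on the host that performs the clone/checkout.
_COMMAND_KEYS = [
    (re.compile(r"^filter\..+\.(smudge|clean|process)$"),
     "filter driver: run on checkout/add of any path with filter=<name> in .gitattributes"),
    (re.compile(r"^core\.fsmonitor$"),
     "fsmonitor command: run by commands that refresh the index"),
    (re.compile(r"^core\.sshcommand$"),
     "replaces ssh for fetch/push transport"),
    (re.compile(r"^core\.hookspath$"),
     "redirects hooks (e.g. post-checkout) to an attacker-chosen directory"),
    (re.compile(r"^credential(\..+)?\.helper$"),
     "credential helper prefixed with '!' is run as a shell command"),
]


def parse_git_config(text):
    """Return (key, value) pairs in git's dotted form: section and variable
    names lowercased, subsection case preserved (filter."Dockerfile".smudge
    becomes filter.Dockerfile.smudge)."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = _SECTION_RE.match(line)
        if m:
            name, sub = m.group(1).lower(), m.group(2)
            section = f"{name}.{sub}" if sub is not None else name
            continue
        if section is None:
            continue  # variable outside any section: git rejects this
        key, _, value = line.partition("=")
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        entries.append((f"{section}.{key.strip().lower()}", value))
    return entries


def armed_filters(gitattributes_text):
    """Names of filter drivers that some path pattern binds via filter=<name>."""
    names = set()
    for raw in gitattributes_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        for attr in line.split()[1:]:  # first token is the path pattern
            if attr.startswith("filter="):
                names.add(attr[len("filter="):])
    return names


def audit_git_config(gitconfig_text, gitattributes_text=""):
    """Flag config entries that give code execution during clone/checkout.
    For filter drivers, 'armed' says whether .gitattributes actually binds
    the driver to a path, i.e. whether checkout will trigger it."""
    armed = armed_filters(gitattributes_text)
    findings = []
    for key, value in parse_git_config(gitconfig_text):
        for pattern, why in _COMMAND_KEYS:
            if not pattern.match(key):
                continue
            if key.endswith(".helper") and not value.startswith("!"):
                continue  # a plain helper name such as "store" is not a command
            finding = {"key": key, "value": value, "why": why}
            if key.startswith("filter."):
                # subsection names may contain dots: drop prefix and final verb
                name = key[len("filter."):].rsplit(".", 1)[0]
                finding["armed"] = name in armed
            findings.append(finding)
    return findings


# Constructed samples modelled on the write-up: Dockerfile bound to a custom
# filter, and a .gitconfig defining that filter's smudge command.
SAMPLE_GITATTRIBUTES = "Dockerfile filter=dockerfile\n"
SAMPLE_GITCONFIG = """\
[user]
\tname = developer
[filter "dockerfile"]
\tsmudge = sh -c 'echo smudge-ran >&2; cat'
\trequired = true
[credential]
\thelper = store
"""
BENIGN_GITCONFIG = """\
[user]
\tname = developer
\temail = dev@example.com
[core]
\tautocrlf = input
"""

if __name__ == "__main__":
    for f in audit_git_config(SAMPLE_GITCONFIG, SAMPLE_GITATTRIBUTES):
        print(f"{f['key']} = {f['value']!r}: {f['why']} (armed={f.get('armed')})")
```

The check reads only the one file it is given: a .gitconfig may also carry include.path or includeIf directives that pull in further files, which would need the same treatment. It is a stopgap for pipelines that accept user-supplied git configuration, not a substitute for the vendor fix that removes the privileged context from the git-clone container.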
A critical vulnerability in Red Hat OpenShift Container Platform 4's ose-openshift-controller-manager-container that allows arbitrary code execution on an OpenShift node and potential node takeover due to insufficient restrictions on elevated privileges. Exploitation requires developer-level access.