CVE-2024-24557 Overview
CVE-2024-24557 is a cache poisoning vulnerability in Moby, the open-source project created by Docker to enable software containerization. The classic builder cache system is susceptible to cache poisoning attacks when images are built FROM scratch. Additionally, changes to certain instructions—most critically HEALTHCHECK and ONBUILD—fail to trigger a cache miss, allowing attackers to inject malicious content into the build process.
An attacker with knowledge of a target's Dockerfile could poison their cache by tricking them into pulling a specially crafted image that would be incorrectly recognized as a valid cache candidate for certain build steps. This vulnerability enables potential supply chain attacks against containerized applications.
Critical Impact
Attackers can poison Docker build caches to inject malicious code into container images, potentially compromising entire software supply chains and production environments.
Affected Products
- Moby versions prior to 24.0.9
- Moby versions 25.0.0 to 25.0.1
- Docker 23.0+ users who explicitly disabled BuildKit (DOCKER_BUILDKIT=0) or call the /build API endpoint directly
Discovery Timeline
- 2024-02-01 - CVE-2024-24557 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2024-24557
Vulnerability Analysis
This vulnerability affects the classic builder component in Moby/Docker, specifically the cache validation mechanism used during image builds. The flaw exists in how the builder determines cache validity for build layers, failing to properly validate certain instruction changes that should invalidate cached layers.
The vulnerability is classified under CWE-345 (Insufficient Verification of Data Authenticity) and CWE-346 (Origin Validation Error), indicating fundamental issues in how the build system authenticates and validates cached content origins.
Users on version 23.0 and later are affected only if they explicitly opted out of BuildKit by setting the DOCKER_BUILDKIT=0 environment variable or by directly using the /build API endpoint. All users on versions older than 23.0 are potentially impacted, as the classic builder is the default.
Root Cause
The root cause lies in the classic builder's insufficient verification of image authenticity and cache candidate validation. When building images FROM scratch, the cache system fails to properly verify the origin and integrity of cached layers. Furthermore, specific Dockerfile instructions (HEALTHCHECK and ONBUILD) do not properly invalidate the cache when modified, allowing attackers to substitute malicious cached layers.
The ImageBuild function from github.com/docker/docker/client and the /build API endpoint are both affected as they use the classic builder by default.
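As a model of the root cause described above (added example, not Moby's code; the type, its field names and the store are simplified for illustration), the following Go snippet contrasts a cache-candidate check that leaves HEALTHCHECK and ONBUILD out of the comparison with one that includes them, and replays the scenario on a constructed store holding one image the victim pulled.

```go
package main

import "reflect"

// localImage is a deliberately reduced model of an entry in the classic builder's
// local image store; it is not Moby's image.Image or container.Config.
type localImage struct {
	ID          string
	Parent      string   // "" when no parent is recorded: FROM scratch, or a pulled image
	Cmd         []string
	Env         []string
	OnBuild     []string // ONBUILD triggers recorded on the image
	Healthcheck []string // HEALTHCHECK test, e.g. ["CMD-SHELL", "/app --healthz"]
}

// vulnerableMatch models the behaviour the advisory describes: HEALTHCHECK and ONBUILD
// are left out of the comparison, so an image differing only there still counts as a hit.
func vulnerableMatch(want, c localImage) bool {
	return want.Parent == c.Parent &&
		reflect.DeepEqual(want.Cmd, c.Cmd) &&
		reflect.DeepEqual(want.Env, c.Env)
}

// fixedMatch also compares the instructions the vulnerable check ignored, so a changed
// HEALTHCHECK or ONBUILD is a cache miss and the step is rebuilt.
func fixedMatch(want, c localImage) bool {
	return vulnerableMatch(want, c) &&
		reflect.DeepEqual(want.OnBuild, c.OnBuild) &&
		reflect.DeepEqual(want.Healthcheck, c.Healthcheck)
}

// lookupCache returns the ID of the first store entry match accepts for want, or "" (rebuild).
func lookupCache(store []localImage, want localImage, match func(want, c localImage) bool) string {
	for _, c := range store {
		if match(want, c) {
			return c.ID
		}
	}
	return ""
}

// poisonedLookup replays the scenario on a constructed store holding one image the victim
// pulled: its Cmd and Env equal the FROM scratch step's, only its HEALTHCHECK differs.
func poisonedLookup(match func(want, c localImage) bool) string {
	step := localImage{Cmd: []string{"/app"}, Env: []string{"PATH=/usr/bin"}}
	want, pulled := step, step
	want.Healthcheck = []string{"CMD-SHELL", "/app --healthz"}
	pulled.ID, pulled.Healthcheck = "pulled-by-victim", []string{"CMD-SHELL", "exit 0"}
	return lookupCache([]localImage{pulled}, want, match)
}
```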
Attack Vector
The attack requires local access and user interaction—specifically, the victim must pull a malicious image crafted by the attacker. The attacker must have prior knowledge of the target's Dockerfile to create a poisoned image that will be accepted as a valid cache candidate.
The attack flow involves:
- Attacker analyzes target's Dockerfile
- Attacker creates a malicious image designed to match cache criteria
- Victim pulls the attacker's image (via deception or compromised registry)
- During subsequent builds, the poisoned cache is used instead of legitimate layers
// Security patch adding OCI image spec import for improved validation
// Source: https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae
"github.com/docker/docker/image"
"github.com/docker/docker/layer"
"github.com/opencontainers/go-digest"
+ ocispec "github.com/opencontainers/image-spec/specs-go/v1"
)
const (
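Review bot: the hunk shows only the added import `+ ocispec "github.com/opencontainers/image-spec/specs-go/v1"` together with three unchanged imports and the opening of a `const (` block; an import on its own changes no cache behaviour, so the excerpt should be extended to the lines where `ocispec` is actually used, otherwise the surrounding claim that the patch improves origin validation cannot be checked against the diff. Naming the file the hunk belongs to would also help, since nothing in the visible lines identifies it.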
The patch introduces the OCI image specification (ocispec) to improve validation of image origins and authenticity during cache operations.
Detection Methods for CVE-2024-24557
Indicators of Compromise
- Unexpected images appearing in local Docker image cache without explicit pull commands
- Build logs showing cache hits for layers that should have been rebuilt
- Changes to HEALTHCHECK or ONBUILD instructions not triggering rebuilds
- Anomalous network connections during image pull operations
Detection Strategies
- Audit Docker build logs for unexpected cache hit patterns on HEALTHCHECK and ONBUILD layers
- Monitor for use of the classic builder via DOCKER_BUILDKIT=0 environment variable in build pipelines
- Implement image signing and verification using Docker Content Trust or Sigstore
- Review /build API endpoint usage and ensure BuildKit is enabled where supported
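As an added check for the log-audit and rebuild indicators above (example code written for this page, not Moby's or Docker's), the following Go program compares the HEALTHCHECK and ONBUILD instructions in a Dockerfile against the config of the image the build actually produced, as returned by `docker image inspect --format '{{json .Config}}' IMAGE`; a mismatch means those fields came from a reused layer that does not match the Dockerfile. The Dockerfile and inspect output embedded below are constructed samples, and the Dockerfile parser is simplified to the shell form of HEALTHCHECK.

```go
package main

import (
	"encoding/json"
	"strings"
)

// imageConfig is the subset of `docker image inspect --format '{{json .Config}}' IMAGE` compared here.
type imageConfig struct {
	OnBuild     []string
	Healthcheck struct{ Test []string } // stays empty when the JSON has no or null Healthcheck
}

// expectedFromDockerfile derives the ONBUILD triggers and the HEALTHCHECK test that the
// Dockerfile should leave in the image config. Simplifying assumption: only the shell form
// "HEALTHCHECK [options] CMD <command>" is parsed; options and the exec/NONE forms are skipped.
func expectedFromDockerfile(dockerfile string) (hc, ob []string) {
	for _, line := range strings.Split(dockerfile, "\n") {
		switch f := strings.Fields(line); {
		case len(f) == 0:
		case strings.EqualFold(f[0], "ONBUILD"):
			ob = append(ob, strings.Join(f[1:], " "))
		case strings.EqualFold(f[0], "HEALTHCHECK"): // a later HEALTHCHECK replaces an earlier one
			for i := 1; i < len(f); i++ {
				if strings.EqualFold(f[i], "CMD") {
					hc = []string{"CMD-SHELL", strings.Join(f[i+1:], " ")}
					break
				}
			}
		}
	}
	return hc, ob
}

// verifyImage reports whether the HEALTHCHECK and ONBUILD the Dockerfile specifies are what the
// built image carries; false means that field came from a reused layer that does not match.
func verifyImage(dockerfile, configJSON string) (healthcheckOK, onbuildOK bool, err error) {
	var cfg imageConfig
	if err = json.Unmarshal([]byte(configJSON), &cfg); err != nil {
		return false, false, err
	}
	wantHC, wantOB := expectedFromDockerfile(dockerfile)
	return strings.Join(wantHC, "\x00") == strings.Join(cfg.Healthcheck.Test, "\x00"),
		strings.Join(wantOB, "\x00") == strings.Join(cfg.OnBuild, "\x00"), nil
}

// Constructed sample: a Dockerfile, and the .Config of an image whose HEALTHCHECK layer was
// served from the cache by an image that does not match this Dockerfile.
const sampleDockerfile = "FROM scratch\nCOPY app /app\nHEALTHCHECK --interval=30s CMD /app --healthz\nONBUILD COPY config.yaml /etc/app/\nCMD [\"/app\"]\n"
const sampleConfig = `{"OnBuild":["COPY config.yaml /etc/app/"],"Healthcheck":{"Test":["CMD-SHELL","exit 0"]}}`
```

Calling verifyImage(sampleDockerfile, sampleConfig) yields healthcheckOK=false and onbuildOK=true: the HEALTHCHECK step was served from a cache candidate that the Dockerfile did not produce, which is exactly the cache hit that should have been a rebuild.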
Monitoring Recommendations
- Enable verbose logging for the Docker daemon to capture detailed build cache operations
- Monitor container registry activity for unauthorized or suspicious image pushes
- Implement runtime security monitoring for containers built from potentially compromised images
- Track environment variable configurations across CI/CD pipelines for DOCKER_BUILDKIT=0 usage
How to Mitigate CVE-2024-24557
Immediate Actions Required
- Upgrade to Moby/Docker version 24.0.9 or 25.0.2 immediately
- Enable BuildKit by ensuring DOCKER_BUILDKIT=1 is set in build environments
- Audit existing container images for potential compromise
- Review and secure image pull sources and registry configurations
Patch Information
Patches addressing this vulnerability are included in Moby releases 24.0.9 and 25.0.2. The fix improves cache validation by incorporating OCI image specification standards for better origin verification. Apply the patch by upgrading Docker/Moby to the patched versions.
For detailed patch information, see the GitHub Security Advisory and the commit implementing the fix.
Workarounds
- Enable BuildKit explicitly by setting DOCKER_BUILDKIT=1 in your environment
- Use the --no-cache flag during builds to bypass a potentially poisoned cache
- Avoid pulling untrusted or unverified images before building
- Implement Docker Content Trust for image signature verification
# Configuration example - enable BuildKit and Docker Content Trust before building
export DOCKER_BUILDKIT=1
# Enable Docker Content Trust before the build so the images it pulls are signature-verified
export DOCKER_CONTENT_TRUST=1
# Build without the layer cache so a previously poisoned cache cannot be reused
docker build --no-cache -t myapp:latest .
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.