The classic builder cache system is prone to cache poisoning if the image is builtFROM scratch.
Also, changes to some instructions (most important beingHEALTHCHECK andONBUILD) would not cause a cache miss.

An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps.

For example, an attacker could create an image that is considered as a valid cache candidate for:

FROM scratchMAINTAINER Pawel

when in fact the malicious image used as a cache would be an image built from a different Dockerfile.

In the second case, the attacker could for example substitute a differentHEALTCHECK command.

Impact

23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the/build API endpoint (which uses the classic builder by default).

All users on versions older than 23.0 could be impacted. An example could be a CI with a shared cache, or just a regular Docker user pulling a malicious image due to misspelling/typosquatting.

Image build API endpoint (/build) andImageBuild function fromgithub.com/docker/docker/client is also affected as it the uses classic builder by default.

Patches

Patches are included in Moby releases:

• v25.0.2
• v24.0.9
• v23.0.10

Workarounds

• Use--no-cache or use Buildkit if possible (DOCKER_BUILDKIT=1, it's default on 23.0+ assuming that the buildx plugin is installed).
• UseVersion = types.BuilderBuildKit orNoCache = true inImageBuildOptions forImageBuild call.

References

• GHSA-xw73-rw38-6vjc
• https://nvd.nist.gov/vuln/detail/CVE-2024-24557
• moby/moby@3e230cf
• moby/moby@fca702d
• moby/moby@fce6e0c