8.6
CVE-2024-21626
- EPSS 18.09%
- Veröffentlicht 31.01.2024 22:15:53
- Zuletzt bearbeitet 30.06.2026 02:16:24
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
runc container breakout through process.cwd trickery and leaked fds
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linuxfoundation ≫ Runc Version < 1.1.12
Fedoraproject ≫ Fedora Version39
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 18.09% | 0.968 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 1.8 | 6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
|
| security-advisories@github.com | 8.6 | 1.8 | 6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 8.6 | 1.8 | 6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-403 Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
http://www.openwall.com/lists/oss-security/2024/02/01/1
http://www.openwall.com/lists/oss-security/2024/02/02/3
https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html
http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html
https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf
https://github.com/opencontainers/runc/releases/tag/v1.1.12
https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/
https://www.vicarius.io/vsociety/posts/leaky-vessels-part-1-cve-2024-21626
https://access.redhat.com/errata/RHSA-2025:0115
https://access.redhat.com/errata/RHSA-2025:2441
https://access.redhat.com/errata/RHSA-2025:2701
https://access.redhat.com/errata/RHSA-2025:2710
https://access.redhat.com/security/cve/CVE-2024-21626
https://bugzilla.redhat.com/show_bug.cgi?id=2258725
https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21626.json
https://access.redhat.com/errata/RHSA-2024:0645
https://access.redhat.com/errata/RHSA-2024:0662
https://access.redhat.com/errata/RHSA-2024:0666
https://access.redhat.com/errata/RHSA-2024:0670
https://access.redhat.com/errata/RHSA-2024:0684
https://access.redhat.com/errata/RHSA-2024:0717
https://access.redhat.com/errata/RHSA-2024:0748
https://access.redhat.com/errata/RHSA-2024:0752
https://access.redhat.com/errata/RHSA-2024:0755
https://access.redhat.com/errata/RHSA-2024:0756
https://access.redhat.com/errata/RHSA-2024:0757
https://access.redhat.com/errata/RHSA-2024:0758
https://access.redhat.com/errata/RHSA-2024:0759
https://access.redhat.com/errata/RHSA-2024:0760
https://access.redhat.com/errata/RHSA-2024:0764
https://access.redhat.com/errata/RHSA-2024:10149
https://access.redhat.com/errata/RHSA-2024:10520
https://access.redhat.com/errata/RHSA-2024:10525
https://access.redhat.com/errata/RHSA-2024:10841
https://access.redhat.com/errata/RHSA-2024:1270
https://access.redhat.com/errata/RHSA-2024:4597
https://access.redhat.com/errata/RHSA-2025:0650
https://access.redhat.com/errata/RHSA-2025:1711