CVSS3: 8.6 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score: 9.3 High (Confidence: High)
EPSS: 0.051 Low (Percentile: 93.0%)
Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine and by other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either by executing a malicious image or by building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned CVE-2024-21626.
The runc runtime was updated to 1.1.12 in Talos v1.5.6 and v1.6.4.
Inspect the workloads running on the cluster to make sure they are not trying to exploit the vulnerability.
Name | Operator | Version |
---|---|---|
github.com/siderolabs/talos | lt | 1.5.6 |
github.com/siderolabs/talos | lt | 1.6.4 |
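The two fixed releases apply per release line: a node on v1.5.6 is patched even though that version is lower than v1.6.4. The following added example (not part of the advisory or of Talos tooling) checks a constructed node inventory against the fixed releases; the node names, the sample versions and the handling of pre-release builds are assumptions.

```python
import re

# Fixed Talos releases named in the advisory, keyed by release line (major, minor).
FIXED_PATCH = {(1, 5): 6, (1, 6): 4}

_VERSION = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?")


def parse(version):
    """Return (major, minor, patch, is_prerelease) for strings like 'v1.6.3'."""
    m = _VERSION.fullmatch(version.strip())
    if m is None:
        raise ValueError(f"unrecognised Talos version: {version!r}")
    major, minor, patch = (int(g) for g in m.groups()[:3])
    return major, minor, patch, m.group(4) is not None


def is_affected(version):
    """True if this Talos version predates the runc 1.1.12 update."""
    major, minor, patch, prerelease = parse(version)
    line = (major, minor)
    if line in FIXED_PATCH:
        fixed = FIXED_PATCH[line]
        # Assumption: a pre-release of the fixed patch (e.g. v1.6.4-beta.0)
        # may predate the fix, so it is reported as affected.
        return patch < fixed or (patch == fixed and prerelease)
    # Lines older than 1.5 are below both fixed releases; newer lines are not.
    return line < min(FIXED_PATCH)


def affected_nodes(inventory):
    """Return the names of nodes whose Talos version is affected, sorted."""
    return sorted(name for name, version in inventory if is_affected(version))


# Constructed inventory (hypothetical node names and versions).
SAMPLE_INVENTORY = [
    ("cp-1", "v1.6.4"),
    ("cp-2", "v1.6.3"),
    ("worker-1", "v1.5.6"),
    ("worker-2", "v1.5.5"),
    ("worker-3", "v1.4.8"),
]

if __name__ == "__main__":
    for node in affected_nodes(SAMPLE_INVENTORY):
        print(f"{node}: upgrade to Talos v1.5.6 / v1.6.4 or later")
```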