Rory McNamara discovered that runC did not properly manage internal file
descriptor while managing containers. An attacker could possibly use this
issue to obtain sensitive information or bypass container restrictions.

References

ubuntu.com/security/CVE-2024-21626

ubuntu.com/security/notices/USN-6619-1

cbl_mariner 10

nessus 55

fedora 2

amazon 1

kaspersky 2

osv 47

cvelist 1

ibm 5

openvas 16

redos 1

githubexploit 7

redhat 18

packetstorm 1

cve 1

prion 1

f5 1

almalinux 3

nvd 1

ubuntu 1

zdt 1

debiancve 1

ubuntucve 1

github 2

metasploit 1

oraclelinux 5

debian 2

mscve 1

veracode 1

rocky 1

cgr 1

alpinelinux 1

redhatcve 1

wolfi 1

photon 2

rosalinux 1

attackerkb 1

thn 1

cbl_mariner

CVE-2024-21626 affecting package kubernetes for versions less than 1.30.1-1

2024-06-21 09:32:44

CVE-2024-21626 affecting package cri-tools for versions less than 1.28.0-5

2024-02-25 03:00:06

CVE-2024-21626 affecting package moby-engine for versions less than 25.0.3-1

2024-03-19 17:21:46

nessus

RHEL 9 : runc (RHSA-2024:0756)

2024-02-08 00:00:00

AlmaLinux 9 : runc (ALSA-2024:0670)

2024-02-07 00:00:00

SUSE SLES12 Security Update : runc (SUSE-SU-2024:0328-1)

2024-02-06 00:00:00

fedora

[SECURITY] Fedora 38 Update: runc-1.1.12-1.fc38

2024-02-11 05:39:52

[SECURITY] Fedora 39 Update: runc-1.1.12-1.fc39

2024-02-06 01:18:51

amazon

Important: runc

2024-01-25 19:21:00

kaspersky

KLA64657 PE vulnerability in Microsoft Azure

2024-02-28 00:00:00

KLA64658 PE vulnerability in Microsoft Mariner

2024-02-28 00:00:00

osv

CGA-hvmc-h55q-v8m5

2024-06-06 12:26:03

CGA-rcmh-9cvp-hxqx

2024-06-06 12:26:22

CGA-c789-q27j-6mpr

2024-06-06 12:25:49

cvelist

CVE-2024-21626 runc container breakout through process.cwd trickery and leaked fds

2024-01-31 21:31:14

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in Open Container Initiative runc [CVE-2024-21626]

2024-03-28 22:00:56

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a runc security vulnerability (CVE-2024-21626)

2024-03-01 10:15:44

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-21626)

2024-02-21 17:16:32

openvas

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1504)

2024-04-08 00:00:00

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1739)

2024-05-30 00:00:00

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1762)

2024-05-30 00:00:00

redos

ROS-20240410-18

2024-04-10 00:00:00

githubexploit

Exploit for CVE-2024-21626

2024-02-07 07:38:22

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc

2024-02-01 12:53:18

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc

2024-02-02 11:51:08

redhat

(RHSA-2024:0752) Important: container-tools:rhel8 security update

2024-02-08 17:22:59

(RHSA-2024:0684) Moderate: OpenShift Container Platform 4.11.58 packages and security update

2024-02-08 18:53:20

(RHSA-2024:0764) Important: container-tools:rhel8 security update

2024-02-08 19:33:15

packetstorm

runc 1.1.11 File Descriptor Leak Privilege Escalation

2024-02-05 00:00:00

cve

CVE-2024-21626

2024-01-31 22:15:53

prion

Design/Logic Flaw

2024-01-31 22:15:00

K000140043: runc vulnerability CVE-2024-21626

2024-06-18 00:00:00

almalinux

Important: runc security update

2024-02-02 00:00:00

Important: container-tools:rhel8 security update

2024-02-08 00:00:00

Important: container-tools:4.0 security update

2024-02-08 00:00:00

nvd

CVE-2024-21626

2024-01-31 22:15:53

ubuntu

runC vulnerability

2024-01-31 00:00:00

zdt

runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit

2024-02-05 00:00:00

debiancve

CVE-2024-21626

2024-01-31 22:15:53

ubuntucve

CVE-2024-21626

2024-01-31 00:00:00

github

Talos Linux ships runc vulnerable to the escape to the host attack

2024-02-02 18:11:06

runc vulnerable to container breakout through process.cwd trickery and leaked fds

2024-01-31 22:44:08

metasploit

runc (docker) File Descriptor Leak Privilege Escalation

2024-02-01 20:28:04

oraclelinux

runc security update

2024-02-05 00:00:00

runc security update

2024-02-09 00:00:00

runc security update

2024-02-09 00:00:00

debian

[SECURITY] [DSA 5615-1] runc security update

2024-02-04 18:54:32

[SECURITY] [DLA 3735-1] runc security update

2024-02-19 02:28:00

mscve

GitHub: CVE-2024-21626 Container breakout through process.cwd trickery and leaked fds

2024-02-28 08:00:00

veracode

Sandbox Escape

2024-02-01 12:28:33

rocky

container-tools:rhel8 security update

2024-02-12 20:17:26

cgr

CVE-2024-21626 vulnerabilities

2024-05-19 03:07:16

alpinelinux

CVE-2024-21626

2024-01-31 22:15:53

redhatcve

CVE-2024-21626

2024-01-31 21:41:31

wolfi

CVE-2024-21626 vulnerabilities

2024-10-01 21:13:23

photon

Important Photon OS Security Update - PHSA-2024-3.0-0775

2024-08-02 00:00:00

Important Photon OS Security Update - PHSA-2024-5.0-0199

2024-02-07 00:00:00

rosalinux

Advisory ROSA-SA-2024-2393

2024-04-11 07:16:35

attackerkb

CVE-2019-5736

2019-02-11 00:00:00

thn

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

2024-01-31 20:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

8.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

6.5

Confidence

Low

EPSS

0.051

Percentile

93.0%

JSON

Related for OSV:USN-6619-1