Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-21626
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
runc container breakout through process.cwd trickery and leaked fds
Source: NVD (National Vulnerability Database)
Vulnerability Description
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
将文件描述符暴露给不受控制的范围(文件描述符泄露)
Source: NVD (National Vulnerability Database)
Vulnerability Title
runc 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
runc是一款用于根据OCI规范生成和运行容器的CLI(命令行界面)工具。 runc 1.1.12之前版本存在安全漏洞,该漏洞源于fds 内部泄漏,导致多个容器发生泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
opencontainersrunc >=v1.0.0-rc93, < 1.1.12 -
II. Public POCs for CVE-2024-21626
#POC DescriptionSource LinkShenlong Link
1Nonehttps://github.com/Wall1e/CVE-2024-21626-POCPOC Details
2PoC and Detection for CVE-2024-21626https://github.com/NitroCao/CVE-2024-21626POC Details
3Nonehttps://github.com/zpxlz/CVE-2024-21626-POCPOC Details
4CVE-2024-21626-poc-research-Reappearance-andtodohttps://github.com/cdxiaodong/CVE-2024-21626POC Details
5Nonehttps://github.com/zhangguanzhang/CVE-2024-21626POC Details
6Container Runtime Meetup #5 のLT用のデモhttps://github.com/laysakura/CVE-2024-21626-demoPOC Details
7Nonehttps://github.com/V0WKeep3r/CVE-2024-21626-runcPOCPOC Details
8Nonehttps://github.com/abian2/CVE-2024-21626POC Details
9Nonehttps://github.com/Sk3pper/CVE-2024-21626POC Details
10POChttps://github.com/KubernetesBachelor/CVE-2024-21626POC Details
11Nonehttps://github.com/dorser/cve-2024-21626POC Details
12Nonehttps://github.com/FlojBoj/CVE-2024-21626POC Details
13Nonehttps://github.com/Sk3pper/CVE-2024-21626-old-docker-versionsPOC Details
14Some scripts to simulate an attack (used for CVE-2024-21626)https://github.com/adaammmeeee/little-jokePOC Details
15Root cuase & Proof of causehttps://github.com/R4mbb/CVE-2024-21626-PoCPOC Details
16POCs and Tetragon Rules for CVE-2024-21626 and CVE-2025-31133https://github.com/scherepiuk/container-escape-ebpfPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-21626
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: runc
Same vendor: opencontainers
Same weakness: CWE-403
V. Comments for CVE-2024-21626

No comments yet

Leave a comment