CVE-2024-21626
Summary
| CVE | CVE-2024-21626 |
|---|---|
| State | PUBLISHED |
| Assigner | Unknown |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-01-31 22:15:00 UTC |
| Updated | 2024-02-06 02:15:00 UTC |
| Description | Description unavailable. |
Risk And Classification
Problem Types: CWE-668
There are no known software configurations currently associated with this CVE in NVD or the CVE Program record.
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Release runc 1.1.12 -- "Now you're thinking with Portals™!" · opencontainers/runc · GitHub | github.com | ||
| lists.fedoraproject.org/archives/list/[email protected]/messag... | lists.fedoraproject.org | ||
| oss-security - Re: Re: runc: CVE-2024-21626: high severity container breakout attack | www.openwall.com | ||
| packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escal... | packetstormsecurity.com | ||
| Merge pull request from GHSA-xr7r-f8xq-vfvv · opencontainers/runc@0212048 · GitHub | github.com | ||
| several container breakouts due to internally leaked fds · Advisory · opencontainers/runc · GitHub | github.com | ||
| oss-security - Re: runc: CVE-2024-21626: high severity container breakout attack | www.openwall.com | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161335 Oracle Enterprise Linux Security Update for runc (ELSA-2024-0670)
- 161340 Oracle Enterprise Linux Security Update for runc (ELSA-2024-17931)
- 161341 Oracle Enterprise Linux Security Update for runc (ELSA-2024-12148)
- 161353 Oracle Enterprise Linux Security Update for container-tools:ol8 (ELSA-2024-0752)
- 161356 Oracle Enterprise Linux Security Update for container-tools:4.0 (ELSA-2024-0748)
- 200090 Ubuntu Security Notification for runC Vulnerability (USN-6619-1)
- 242818 Red Hat Update for runc (RHSA-2024:0670)
- 242889 Red Hat Update for runc (RHSA-2024:0717)
- 242891 Red Hat Update for container-tools:rhel8 (RHSA-2024:0752)
- 242892 Red Hat Update for container-tools:2.0 (RHSA-2024:0758)
- 242893 Red Hat OpenShift Container Platform 4.13 Security Update (RHSA-2024:0662)
- 242894 Red Hat Update for container-tools:4.0 (RHSA-2024:0748)
- 242897 Red Hat Update for container-tools:3.0 (RHSA-2024:0760)
- 242898 Red Hat Update for runc (RHSA-2024:0756)
- 242899 Red Hat OpenShift Container Platform 4.12 Security Update (RHSA-2024:0666)
- 242900 Red Hat Update for container-tools:rhel8 (RHSA-2024:0759)
- 242902 Red Hat Update for container-tools:4.0 (RHSA-2024:0757)
- 242904 Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2024:0645)
- 242905 Red Hat Update for container-tools:rhel8 (RHSA-2024:0764)
- 242907 Red Hat Update for runc (RHSA-2024:0755)
- 242909 Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2024:0684)
- 243056 Red Hat Update for docker (RHSA-2024:1270)
- 284908 Fedora Security Update for runc (FEDORA-2024-9044c9eefa)
- 285005 Fedora Security Update for runc (FEDORA-2024-900dc7f6ff)
- 357062 Amazon Linux Security Advisory for runc : ALAS2ECS-2024-033
- 357063 Amazon Linux Security Advisory for runc : ALAS2DOCKER-2024-036
- 357064 Amazon Linux Security Advisory for runc : ALAS2NITRO-ENCLAVES-2024-036
- 357065 Amazon Linux Security Advisory for runc : ALAS2023-2024-501
- 357066 Amazon Linux Security Advisory for runc : ALAS-2024-1911
- 379336 Docker and runc container breakout Vulnerability (Leaky Vessels) (GHSA-xr7r-f8xq-vfvv)
- 379337 Docker Desktop Runc and BuildKit Vulnerability
- 379338 Docker Engine Runc and BuildKit Multiple Vulnerabilities
- 379341 Alibaba Cloud Linux Security Update for runc (ALINUX3-SA-2024:0015)
- 379641 Alibaba Cloud Linux Security Update for container-tools:rhel8 (ALINUX3-SA-2024:0050)
- 510703 Alpine Linux Security Update for runc
- 6000469 Debian Security Update for runc (DSA 5615-1)
- 6000482 Debian Security Update for runc (DLA 3735-1)
- 6140326 AWS Bottlerocket Security Update for runc (GHSA-gvfx-46w7-j3xv)
- 673388 EulerOS Security Update for docker-runc (EulerOS-SA-2024-1234)
- 674075 EulerOS Security Update for docker-runc (EulerOS-SA-2024-1212)
- 674125 EulerOS Security Update for docker-runc (EulerOS-SA-2024-1483)
- 674131 EulerOS Security Update for docker-runc (EulerOS-SA-2024-1504)
- 755685 SUSE Enterprise Linux Security Update for runc (SUSE-SU-2024:0295-1)
- 755746 SUSE Enterprise Linux Security Update for runc (SUSE-SU-2024:0459-1)
- 770228 Red Hat OpenShift Container Platform 4.13 Security Update (RHSA-2024:0662)
- 770229 Red Hat OpenShift Container Platform 4.12 Security Update (RHSA-2024:0666)
- 770230 Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2024:0645)
- 770231 Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2024:0684)
- 907848 Common Base Linux Mariner (CBL-Mariner) Security Update for moby-runc (34087-1)
- 907932 Common Base Linux Mariner (CBL-Mariner) Security Update for kubevirt (34075)
- 907943 Common Base Linux Mariner (CBL-Mariner) Security Update for cri-tools (34060)
- 907949 Common Base Linux Mariner (CBL-Mariner) Security Update for kubernetes (34074)
- 907960 Common Base Linux Mariner (CBL-Mariner) Security Update for kubernetes (34074-1)
- 907974 Common Base Linux Mariner (CBL-Mariner) Security Update for kubevirt (34075-1)
- 907986 Common Base Linux Mariner (CBL-Mariner) Security Update for cri-tools (34060-1)
- 941569 AlmaLinux Security Update for runc (ALSA-2024:0670)
- 941572 AlmaLinux Security Update for container-tools:rhel8 (ALSA-2024:0752)
- 941573 AlmaLinux Security Update for container-tools:4.0 (ALSA-2024:0748)
- 961114 Rocky Linux Security Update for container-tools:rhel8 (RLSA-2024:0752)
- 997036 GO (Go) Security Update for github.com/opencontainers/runc (GHSA-xr7r-f8xq-vfvv)