{"api_version":"1","generated_at":"2026-04-23T02:38:02+00:00","cve":"CVE-2024-21626","urls":{"html":"https://cve.report/CVE-2024-21626","api":"https://cve.report/api/cve/CVE-2024-21626.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-21626","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-21626"},"summary":{"title":"CVE-2024-21626","description":"Description unavailable.","state":"PUBLISHED","assigner":"","published_at":"2024-01-31 22:15:00","updated_at":"2024-02-06 02:15:00"},"problem_types":["CWE-668"],"metrics":[],"references":[{"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.12","name":"https://github.com/opencontainers/runc/releases/tag/v1.1.12","refsource":"","tags":[],"title":"Release runc 1.1.12 -- \"Now you're thinking with Portals™!\" · opencontainers/runc · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2024/02/02/3","name":"http://www.openwall.com/lists/oss-security/2024/02/02/3","refsource":"","tags":[],"title":"oss-security - Re: Re: runc: CVE-2024-21626: high severity container\n breakout attack","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf","name":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf","refsource":"","tags":[],"title":"Merge pull request from GHSA-xr7r-f8xq-vfvv · opencontainers/runc@0212048 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv","name":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv","refsource":"","tags":[],"title":"several container breakouts due to internally leaked fds · Advisory · opencontainers/runc · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"http://www.openwall.com/lists/oss-security/2024/02/01/1","name":"http://www.openwall.com/lists/oss-security/2024/02/01/1","refsource":"","tags":[],"title":"oss-security - Re: runc: CVE-2024-21626: high severity container breakout attack","mime":"text/html","httpstatus":"200","archivestatus":"429"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-21626","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21626","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2024-21626","qid":"161335","title":"Oracle Enterprise Linux Security Update for runc (ELSA-2024-0670)"},{"cve":"CVE-2024-21626","qid":"161340","title":"Oracle Enterprise Linux Security Update for runc (ELSA-2024-17931)"},{"cve":"CVE-2024-21626","qid":"161341","title":"Oracle Enterprise Linux Security Update for runc (ELSA-2024-12148)"},{"cve":"CVE-2024-21626","qid":"161353","title":"Oracle Enterprise Linux Security Update for container-tools:ol8 (ELSA-2024-0752)"},{"cve":"CVE-2024-21626","qid":"161356","title":"Oracle Enterprise Linux Security Update for container-tools:4.0 (ELSA-2024-0748)"},{"cve":"CVE-2024-21626","qid":"200090","title":"Ubuntu Security Notification for runC Vulnerability (USN-6619-1)"},{"cve":"CVE-2024-21626","qid":"242818","title":"Red Hat Update for runc (RHSA-2024:0670)"},{"cve":"CVE-2024-21626","qid":"242889","title":"Red Hat Update for runc (RHSA-2024:0717)"},{"cve":"CVE-2024-21626","qid":"242891","title":"Red Hat Update for container-tools:rhel8 (RHSA-2024:0752)"},{"cve":"CVE-2024-21626","qid":"242892","title":"Red Hat Update for container-tools:2.0 (RHSA-2024:0758)"},{"cve":"CVE-2024-21626","qid":"242893","title":"Red Hat OpenShift Container Platform 4.13 Security Update (RHSA-2024:0662)"},{"cve":"CVE-2024-21626","qid":"242894","title":"Red Hat Update for container-tools:4.0 (RHSA-2024:0748)"},{"cve":"CVE-2024-21626","qid":"242897","title":"Red Hat Update for container-tools:3.0 (RHSA-2024:0760)"},{"cve":"CVE-2024-21626","qid":"242898","title":"Red Hat Update for runc (RHSA-2024:0756)"},{"cve":"CVE-2024-21626","qid":"242899","title":"Red Hat OpenShift Container Platform 4.12 Security Update (RHSA-2024:0666)"},{"cve":"CVE-2024-21626","qid":"242900","title":"Red Hat Update for container-tools:rhel8 (RHSA-2024:0759)"},{"cve":"CVE-2024-21626","qid":"242902","title":"Red Hat Update for container-tools:4.0 (RHSA-2024:0757)"},{"cve":"CVE-2024-21626","qid":"242904","title":"Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2024:0645)"},{"cve":"CVE-2024-21626","qid":"242905","title":"Red Hat Update for container-tools:rhel8 (RHSA-2024:0764)"},{"cve":"CVE-2024-21626","qid":"242907","title":"Red Hat Update for runc (RHSA-2024:0755)"},{"cve":"CVE-2024-21626","qid":"242909","title":"Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2024:0684)"},{"cve":"CVE-2024-21626","qid":"243056","title":"Red Hat Update for docker (RHSA-2024:1270)"},{"cve":"CVE-2024-21626","qid":"284908","title":"Fedora Security Update for runc (FEDORA-2024-9044c9eefa)"},{"cve":"CVE-2024-21626","qid":"285005","title":"Fedora Security Update for runc (FEDORA-2024-900dc7f6ff)"},{"cve":"CVE-2024-21626","qid":"357062","title":"Amazon Linux Security Advisory for runc : ALAS2ECS-2024-033"},{"cve":"CVE-2024-21626","qid":"357063","title":"Amazon Linux Security Advisory for runc : ALAS2DOCKER-2024-036"},{"cve":"CVE-2024-21626","qid":"357064","title":"Amazon Linux Security Advisory for runc : ALAS2NITRO-ENCLAVES-2024-036"},{"cve":"CVE-2024-21626","qid":"357065","title":"Amazon Linux Security Advisory for runc : ALAS2023-2024-501"},{"cve":"CVE-2024-21626","qid":"357066","title":"Amazon Linux Security Advisory for runc : ALAS-2024-1911"},{"cve":"CVE-2024-21626","qid":"379336","title":"Docker and runc container breakout Vulnerability (Leaky Vessels) (GHSA-xr7r-f8xq-vfvv)"},{"cve":"CVE-2024-21626","qid":"379337","title":"Docker Desktop Runc and BuildKit Vulnerability"},{"cve":"CVE-2024-21626","qid":"379338","title":"Docker Engine Runc and BuildKit Multiple Vulnerabilities"},{"cve":"CVE-2024-21626","qid":"379341","title":"Alibaba Cloud Linux Security Update for runc (ALINUX3-SA-2024:0015)"},{"cve":"CVE-2024-21626","qid":"379641","title":"Alibaba Cloud Linux Security Update for container-tools:rhel8 (ALINUX3-SA-2024:0050)"},{"cve":"CVE-2024-21626","qid":"510703","title":"Alpine Linux Security Update for runc"},{"cve":"CVE-2024-21626","qid":"6000469","title":"Debian Security Update for runc (DSA 5615-1)"},{"cve":"CVE-2024-21626","qid":"6000482","title":"Debian Security Update for runc (DLA 3735-1)"},{"cve":"CVE-2024-21626","qid":"6140326","title":"AWS Bottlerocket Security Update for runc (GHSA-gvfx-46w7-j3xv)"},{"cve":"CVE-2024-21626","qid":"673388","title":"EulerOS Security Update for docker-runc (EulerOS-SA-2024-1234)"},{"cve":"CVE-2024-21626","qid":"674075","title":"EulerOS Security Update for docker-runc (EulerOS-SA-2024-1212)"},{"cve":"CVE-2024-21626","qid":"674125","title":"EulerOS Security Update for docker-runc (EulerOS-SA-2024-1483)"},{"cve":"CVE-2024-21626","qid":"674131","title":"EulerOS Security Update for docker-runc (EulerOS-SA-2024-1504)"},{"cve":"CVE-2024-21626","qid":"755685","title":"SUSE Enterprise Linux Security Update for runc (SUSE-SU-2024:0295-1)"},{"cve":"CVE-2024-21626","qid":"755746","title":"SUSE Enterprise Linux Security Update for runc (SUSE-SU-2024:0459-1)"},{"cve":"CVE-2024-21626","qid":"770228","title":"Red Hat OpenShift Container Platform 4.13 Security Update (RHSA-2024:0662)"},{"cve":"CVE-2024-21626","qid":"770229","title":"Red Hat OpenShift Container Platform 4.12 Security Update (RHSA-2024:0666)"},{"cve":"CVE-2024-21626","qid":"770230","title":"Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2024:0645)"},{"cve":"CVE-2024-21626","qid":"770231","title":"Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2024:0684)"},{"cve":"CVE-2024-21626","qid":"907848","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for moby-runc (34087-1)"},{"cve":"CVE-2024-21626","qid":"907932","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kubevirt (34075)"},{"cve":"CVE-2024-21626","qid":"907943","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cri-tools (34060)"},{"cve":"CVE-2024-21626","qid":"907949","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kubernetes (34074)"},{"cve":"CVE-2024-21626","qid":"907960","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kubernetes (34074-1)"},{"cve":"CVE-2024-21626","qid":"907974","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kubevirt (34075-1)"},{"cve":"CVE-2024-21626","qid":"907986","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cri-tools (34060-1)"},{"cve":"CVE-2024-21626","qid":"941569","title":"AlmaLinux Security Update for runc (ALSA-2024:0670)"},{"cve":"CVE-2024-21626","qid":"941572","title":"AlmaLinux Security Update for container-tools:rhel8 (ALSA-2024:0752)"},{"cve":"CVE-2024-21626","qid":"941573","title":"AlmaLinux Security Update for container-tools:4.0 (ALSA-2024:0748)"},{"cve":"CVE-2024-21626","qid":"961114","title":"Rocky Linux Security Update for container-tools:rhel8 (RLSA-2024:0752)"},{"cve":"CVE-2024-21626","qid":"997036","title":"GO (Go) Security Update for github.com/opencontainers/runc (GHSA-xr7r-f8xq-vfvv)"}]},"source_records":{"cve_program":null,"nvd":{"publishedDate":"2024-01-31 22:15:00","lastModifiedDate":"2024-02-06 02:15:00","problem_types":["CWE-668"],"metrics":[],"configurations":{"CVE_data_version":"4.0","nodes":[]}},"legacy_mitre":{"record":null,"notes":[]}}}