Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2024-21626 "Leaky Vessels" container escape vulnerability in runc ≤ 1.1.11 #878

Closed
dpoon opened this issue Feb 1, 2024 · 1 comment · Fixed by #879
Closed

CVE-2024-21626 "Leaky Vessels" container escape vulnerability in runc ≤ 1.1.11 #878

dpoon opened this issue Feb 1, 2024 · 1 comment · Fixed by #879

Comments

@dpoon
Copy link

dpoon commented Feb 1, 2024

https://snyk.io/blog/cve-2024-21626-runc-process-cwd-container-breakout/

Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image or building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned the CVE-2024-21626.
@frezbo
Copy link
Member

frezbo commented Feb 1, 2024

Thank you, we'll get this updated and will be part of next Talos patch release

@frezbo frezbo mentioned this issue Feb 1, 2024
Merged
frezbo added a commit to frezbo/pkgs that referenced this issue Feb 1, 2024
@frezbo
chore: bump runc+containerd
5e72201 
Containerd and runc bump for [CVE-2024-21626](GHSA-xr7r-f8xq-vfvv)

Part of siderolabs#878

Signed-off-by: Noel Georgi <git@frezbo.dev>
@frezbo frezbo mentioned this issue Feb 1, 2024
Merged
frezbo added a commit to frezbo/pkgs that referenced this issue Feb 1, 2024
@frezbo
chore: bump runc+containerd
b77ffb7 
Containerd and runc bump for [CVE-2024-21626](GHSA-xr7r-f8xq-vfvv)

Part of siderolabs#878

Signed-off-by: Noel Georgi <git@frezbo.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: bump deps frezbo/pkgs
2 participants
@dpoon @frezbo