Issue:
Secure Code Warrior is aware of the recently disclosed CVE-2024-21626. On January 31, 2024, the maintainers of runc, a CLI tool for spawning and running containers on Linux, announced a vulnerability (CVE-2024-21626) that allows an order-of-operations container breakout centered around the WORKDIR command. Exploitation of this vulnerability can result in container escape to the underlying host operating system. This could occur by running a malicious image or by building a container image using a malicious Dockerfile or upstream image (i.e., when using FROM).
More information can be found here: NVD - CVE-2024-21626 (nist.gov)
Impact:
When the CVE was published, Secure Code Warrior forced rotation on all nodes that were running machine images using the affected version of runc. Now, all nodes that use runc are running the patched version.
Secure Code Warrior can confirm that there is no further impact present at this time within our environment.
Other resources: