CVE-2024-21626 Vulnerability Fix Description

Last updated: 2024-05-27 16:04:09

Vulnerability Details

Agent: runc
Vulnerability Name: runc Container Escape Vulnerability
CVE No.: CVE-2024-21626
Impact: This vulnerability could compromise the isolation layer between the container and the host operating system, allowing attackers to access host files or execute binary programs without authorization. For details, see Community Explanation and Fix Suggestions.

Scope of Impact

Runtime engines that use runc versions between 1.0.0-rc.93 and 1.1.11.
Note:
Preliminary verification indicates that exploiting this vulnerability requires kernel support for the openat2 system call (kernel version 5.6 and later). The affected node operating system distributions currently identified include Ubuntu 22.04 LTS and Red Hat Enterprise Linux 8.6. This vulnerability has not been reproduced on other operating system distributions. We are continuously following up.
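
To find which nodes fall inside the affected range above, the installed runc version can be compared against 1.0.0-rc.93 and 1.1.11. The script below is an added example, not part of Tencent Cloud's fix package; its function names are hypothetical and the sample versions are constructed. It prints the kernel release for context only and does not use it to decide, since a distribution kernel's version string does not reliably show which system calls it supports.

```shell
#!/bin/sh
# Added example: flags runc versions inside the affected range
# 1.0.0-rc.93 .. 1.1.11. Function names are hypothetical.

# Turn a version string into one sortable integer.
# Accepts "1.1.11", "v1.1.12", "1.0.0-rc93", "1.0.0-rc.93", "1.1.12+build".
ver_key() {
  printf '%s\n' "$1" | awk '{
    v = $0; sub(/^v/, "", v); sub(/[+].*/, "", v)
    rc = 9999                          # a final release sorts after any rc
    if (match(v, /-rc[.]?[0-9]+/)) {
      r = substr(v, RSTART, RLENGTH); gsub(/[^0-9]/, "", r); rc = r + 0
    }
    sub(/-.*/, "", v); split(v, p, ".")
    printf "%d%03d%03d%04d\n", p[1], p[2], p[3], rc
  }'
}

# Succeeds (exit status 0) when the version is within the affected range.
runc_affected() {
  k=$(ver_key "$1")
  [ "$k" -ge "$(ver_key 1.0.0-rc.93)" ] && [ "$k" -le "$(ver_key 1.1.11)" ]
}

# Extract the version from `runc --version` output ("runc version X" on line 1).
runc_version_from() {
  printf '%s\n' "$1" | awk 'NR == 1 && $1 == "runc" { print $3 }'
}

report() {
  if runc_affected "$1"; then echo "runc $1: AFFECTED"
  else echo "runc $1: outside the affected range"; fi
}

# Constructed sample versions, so the script shows output on any machine.
for v in 1.0.0-rc92 1.0.0-rc93 1.0.3 1.1.11 1.1.12; do report "$v"; done

# Check the local node when runc is installed.
if command -v runc >/dev/null 2>&1; then
  report "$(runc_version_from "$(runc --version)")"
  echo "kernel release (context only): $(uname -r)"
fi
```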

Fix Method

1. New TKE clusters and nodes created after February 3, 2024, are not affected by this vulnerability.
2. For legacy nodes, you can fix the vulnerability by running the following command on the machine, or by replacing the nodes:
wget http://static.ccs.tencentyun.com/fix-cve-2024-21626.tar.gz && tar -zxf fix-cve-2024-21626.tar.gz && fix-cve-2024-21626/runc-v1.1.12.sh


