RunC flaws allow container escapes, giving attackers host access

Container Security

Multiple security vulnerabilities have been disclosed in the runC container runtime and in BuildKit, the build engine used by Docker, that can be exploited by threat actors to escape container boundaries and conduct follow-up attacks.

The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, are collectively referred to as Leaky Vessels by cybersecurity vendor Snyk.

“These container escapes could allow an attacker to gain unauthorized access to the underlying host operating system from within the container and potentially gain access to sensitive data (credentials, customer information, etc.), and conduct further attacks, especially if the access gained also includes superuser rights,” the company said in a report shared with The Hacker News.

runC is a command-line tool for spawning and running containers on Linux. It was originally developed as part of Docker and was spun out into a separate open source library in 2015.

Below is a brief description of each of the shortcomings. The first affects runC itself; the remaining three affect BuildKit:

  • CVE-2024-21626 – WORKDIR: Order of Operations Container Escape
  • CVE-2024-23651 – Mount Cache Race
  • CVE-2024-23652 – BuildKit Build-time Container Teardown Arbitrary Delete
  • CVE-2024-23653 – BuildKit GRPC SecurityMode Privilege Check

The most serious flaw is CVE-2024-21626, which could result in a container escape centered around the `WORKDIR` command.

“This can be done by running a malicious image or by building a container image using a malicious Dockerfile or an upstream image (i.e. when using ‘FROM’),” Snyk said.

There is no evidence that the newly discovered flaws have been exploited in the wild yet. That said, CVE-2024-21626 has been addressed in runC version 1.1.12, released today, and the three BuildKit issues have been fixed in BuildKit 0.12.5.
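Two checks a practitioner will want after reading this: is the installed runC older than the fixed 1.1.12 release named above, and do any Dockerfiles in the build pipeline carry a `WORKDIR` that points somewhere no legitimate image would. The following POSIX shell script is an added example, not code from Snyk, the runc project, or this page. It assumes the `/proc/self/fd/<N>` (or `/proc/<pid>/fd/<N>`) `WORKDIR` pattern as the indicator to look for; that detail comes from the upstream runc advisory for CVE-2024-21626, not from this article.

```shell
#!/bin/sh
# Added example (not from Snyk or the runc project). Two post-advisory checks:
#   1. does the installed runc predate the fixed 1.1.12 release?
#   2. does a Dockerfile set WORKDIR under /proc/self/fd/ or /proc/<pid>/fd/?
# The /proc/.../fd indicator is taken from the upstream runc advisory for
# CVE-2024-21626 and is an assumption relative to the article above.

FIXED_RUNC="1.1.12"

# version_lt A B: succeed if dotted version A is strictly older than B.
# Non-numeric suffixes ("12-0ubuntu1", "12-rc1") are dropped by awk's numeric
# conversion, so a release candidate compares equal to its final release.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        k = (n > m) ? n : m
        for (i = 1; i <= k; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1   # versions are equal
    }'
}

# runc_needs_update OUTPUT: succeed if OUTPUT (the text printed by `runc --version`)
# reports a version older than $FIXED_RUNC. Fails if no version line is present.
runc_needs_update() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^runc version \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    [ -n "$ver" ] && version_lt "$ver" "$FIXED_RUNC"
}

# dockerfile_flags FILE: print, with line numbers, every WORKDIR instruction whose
# path is under /proc/self/fd/ or /proc/<pid>/fd/; succeed if at least one was found.
# Dockerfile instructions are case-insensitive, hence grep -i.
dockerfile_flags() {
    grep -niE '^[[:space:]]*WORKDIR[[:space:]]+/proc/(self|[0-9]+)/fd(/|[[:space:]]|$)' "$1"
}

# Stand-alone use: ./check.sh [Dockerfile ...]
if out=$(runc --version 2>/dev/null); then
    if runc_needs_update "$out"; then
        echo "runc is older than $FIXED_RUNC: update for CVE-2024-21626"
    else
        echo "runc is $FIXED_RUNC or newer"
    fi
else
    echo "runc not found on PATH; skipping version check"
fi

for f in "$@"; do
    if dockerfile_flags "$f"; then
        echo "$f: suspicious WORKDIR above, inspect before building"
    fi
done
```

The Dockerfile scan only catches the pattern written directly into the file you can see; a malicious upstream image pulled via `FROM` carries its `WORKDIR` in image metadata, so for that vector inspect the pulled image's config (for example with `docker image inspect`) rather than the Dockerfile, and treat the runC version check as the control that actually closes the hole.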

“Because these vulnerabilities affect commonly used low-level container engine components and container build tools, Snyk strongly recommends users check for updates from vendors offering their container runtime environments, including Docker, Kubernetes vendors, cloud container services and open source communities,” the company said.

In February 2019, runC maintainers addressed another serious flaw (CVE-2019-5736, CVSS score: 8.6) that could be exploited by an attacker to escape the container and gain root access on the host.
