CVE-2024-21626: GitHub: CVE-2024-21626 Container breakout through process.cwd trickery and leaked fds

Overview

Severity
N/A
Exploit Status
Not Exploited
Patch Tuesday
2024-Feb
Released
2024-02-28
EPSS Score
6.76% (percentile: 91.3%)

FAQ

Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in runc, which is consumed by Azure Kubernetes Service. The mitigation for this vulnerability requires a security update, and a corresponding Azure Kubernetes Service update enables the mitigation. This CVE is being documented in the Security Update Guide to announce that the Azure Kubernetes Service build published on January 31, 2024 is no longer vulnerable. Please see CVE-2024-21626 for more information.

Detection & Weaponization (2 sources)

Maturity: Exploit

  • Metasploit modules: runc (docker) File Descriptor Leak Privilege Escalation
  • GitHub PoC: 17 repositories

Affected Products (3)

Azure

  • Azure Kubernetes Service

Mariner

  • CBL Mariner 2.0 ARM
  • CBL Mariner 2.0 x64

Security Updates (1)

Revision History

  • 2024-02-28: Microsoft is announcing that the Azure Kubernetes Service security updates released on 31 January 2024 include runc updates, which address this vulnerability. Microsoft recommends that customers install the 31 January 2024 updates to ensure they have the most up-to-date version of Azure Kubernetes Service.