opencontainers News Articles
Recent news articles refferecing the vendors vulnerabilities.
MediumCVE-2024-21626Illustrate runC Escape Vulnerability CVE-2024β21626 with my tests
For runC, a container runtime component, published version 1.1.12 to fix CVE-2024-21626 at 31, Jan 2024, which leads to escaping from containers. The range of affected versions are >= v1.0.0-rc93β¦
runc working directory breakout (CVE-2024-21626)
An analysis of CVE-2024-21626 which is a vulnerability in runc that allows for container breakout.
wiz.ioLeaky Vessels: Deep Dive on Container Escape Vulnerabilities | Wiz Blog
'Leaky Vessels' is a set of container escape vulnerabilities affecting runC and BuildKit. Learn how they work and what security teams can do to mitigate them.
Palo Alto NetworksContainer Escape: New Vulnerabilities Affecting Docker and RunC - Palo Alto Networks Blog
Mitigate critical Leaky Vessels vulnerabilities in Docker and RunC with in-depth analysis on CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653.
Leaky Vessels Vulnerability Sinks Container Security
Attackers could use a security hole in the open source runc container runtime engine β used by Docker and others β to gain control of the host machine.
The Hacker NewsRunC Flaws Enable Container Escapes, Granting Attackers Host Access
Critical Container Exploits Found in runC. These flaws allow attackers to break out of containers and access sensitive data or launch further attacks.
Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024 | Snyk
Snyk Security Labs Team has identified four container breakout vulnerabilities in core container infrastructure components including Docker and runc, which also impacts Kubernetes.
CVE-2024-21626 runc process.cwd & leaked fds container breakout | Snyk
CVE-2024-21626: Snyk has discovered an order of operations container breakout vulnerability in all versions of runc <=1.1.11, as used by the Docker engine and other containerization technologies.