The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative’s specifications, and to manage containers running under runc.

OSVersionArchitecturePackageVersionFilename
Fedora38anyrunc< 1.1.12UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	38	any	runc	< 1.1.12	UNKNOWN

nessus 53

redhat 22

rocky 1

openvas 12

fedora 1

osv 10

debian 2

oraclelinux 5

mscve 1

cbl_mariner 6

veracode 1

githubexploit 7

cgr 1

redos 1

ibm 5

kaspersky 2

packetstorm 1

amazon 1

cve 1

prion 1

debiancve 1

almalinux 3

ubuntu 1

zdt 1

github 2

ubuntucve 1

metasploit 1

redhatcve 1

alpinelinux 1

wolfi 1

rosalinux 1

attackerkb 1

thn 1

securelist 1

avleonov 1

oracle 1

nessus

Amazon Linux 2023 : runc (ALAS2023-2024-501)

2024-02-01 00:00:00

RHCOS 4 : OpenShift Container Platform 4.12.49 (RHSA-2024:0666)

2024-02-08 00:00:00

Fedora 38 : runc (2024-9044c9eefa)

2024-02-11 00:00:00

redhat

(RHSA-2024:0666) Moderate: OpenShift Container Platform 4.12.49 packages and security update

2024-02-08 19:37:46

(RHSA-2024:0760) Important: container-tools:3.0 security update

2024-02-08 17:24:12

(RHSA-2024:0757) Important: container-tools:4.0 security update

2024-02-08 17:23:52

rocky

container-tools:rhel8 security update

2024-02-12 20:17:26

openvas

SUSE: Security Advisory (SUSE-SU-2024:0459-1)

2024-02-14 00:00:00

Debian: Security Advisory (DSA-5615-1)

2024-02-05 00:00:00

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1504)

2024-04-08 00:00:00

fedora

[SECURITY] Fedora 39 Update: runc-1.1.12-1.fc39

2024-02-06 01:18:51

osv

runc vulnerability

2024-01-31 20:17:00

CVE-2024-21626

2024-01-31 22:15:53

Important: container-tools:rhel8 security update

2024-02-12 20:17:26

debian

[SECURITY] [DSA 5615-1] runc security update

2024-02-04 18:54:11

[SECURITY] [DLA 3735-1] runc security update

2024-02-19 02:28:00

oraclelinux

runc security update

2024-02-09 00:00:00

runc security update

2024-02-09 00:00:00

runc security update

2024-02-05 00:00:00

mscve

GitHub: CVE-2024-21626 Container breakout through process.cwd trickery and leaked fds

2024-02-28 08:00:00

cbl_mariner

CVE-2024-21626 affecting package kubevirt for versions less than 0.59.0-14

2024-02-25 03:00:06

CVE-2024-21626 affecting package cri-tools for versions less than 1.28.0-5

2024-02-25 03:00:06

CVE-2024-21626 affecting package moby-engine for versions less than 25.0.3-1

2024-03-19 17:21:46

veracode

Sandbox Escape

2024-02-01 12:28:33

githubexploit

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc

2024-02-05 17:47:01

Exploit for CVE-2024-21626

2024-02-07 07:38:22

Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc

2024-02-01 12:53:18

cgr

CVE-2024-21626 vulnerabilities

2024-05-08 09:06:38

redos

ROS-20240410-18

2024-04-10 00:00:00

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in Open Container Initiative runc [CVE-2024-21626]

2024-03-28 22:00:56

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a runc security vulnerability (CVE-2024-21626)

2024-03-01 10:30:03

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-21626)

2024-02-21 17:30:04

kaspersky

KLA64657 PE vulnerability in Microsoft Azure

2024-02-28 00:00:00

KLA64658 PE vulnerability in Microsoft Mariner

2024-02-28 00:00:00

packetstorm

runc 1.1.11 File Descriptor Leak Privilege Escalation

2024-02-05 00:00:00

amazon

Important: runc

2024-01-25 19:21:00

cve

CVE-2024-21626

2024-01-31 22:15:53

prion

Design/Logic Flaw

2024-01-31 22:15:00

debiancve

CVE-2024-21626

2024-01-31 22:15:53

almalinux

Important: runc security update

2024-02-02 00:00:00

Important: container-tools:rhel8 security update

2024-02-08 00:00:00

Important: container-tools:4.0 security update

2024-02-08 00:00:00

ubuntu

runC vulnerability

2024-01-31 00:00:00

zdt

runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit

2024-02-05 00:00:00

github

Talos Linux ships runc vulnerable to the escape to the host attack

2024-02-02 18:11:06

runc vulnerable to container breakout through process.cwd trickery and leaked fds

2024-01-31 22:44:08

ubuntucve

CVE-2024-21626

2024-01-31 00:00:00

metasploit

runc (docker) File Descriptor Leak Privilege Escalation

2024-02-01 20:28:04

redhatcve

CVE-2024-21626

2024-01-31 21:41:31

alpinelinux

CVE-2024-21626

2024-01-31 22:15:53

wolfi

CVE-2024-21626 vulnerabilities

2024-05-08 09:06:38

rosalinux

Advisory ROSA-SA-2024-2393

2024-04-11 07:16:35

attackerkb

CVE-2019-5736

2019-02-11 00:00:00

thn

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

2024-01-31 20:00:00

securelist

Exploits and vulnerabilities in Q1 2024

2024-05-07 10:00:39

avleonov

February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW

2024-03-05 18:43:32

oracle

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

8.6 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

92.9%

JSON

Related for FEDORA:4E06C203CF7E