Container Escape Vulnerability

Runc Container Escape Vulnerability Alert

February 2, 2024

Overview Recently, NSFOCUS CERT detected that the runc officially issued a security notice and fixed a container escaping vulnerability (CVE-2024-21626). Since the internal file descriptor of runc is leaked during initialization and the final working directory is not verified to be located in the mount namespace of the container, attackers can conduct container escaping in […]

Search

Subscribe to the NSFOCUS Blog