Introduction Red Hat has identified a critical vulnerability in runc, a key component of container infrastructure, which facilitates container escapes, potentially allowing attackers unauthorized access to the host operating system from within a container. Exploitation methods include deceiving users into using or constructing a malicious image, or executing a malevolent process within the container with runc exec. This vulnerability, designated CVE-2024-21626, has been classified with an important severity impact. Affected Red Hat products include:

Continue reading