Release Notes and Announcements
- Release Notes
- Announcements
- Release Notes
Product Introduction
Purchase Guide
- Purchase Instructions
- Purchase a TKE General Cluster
- Purchasing Native Nodes
- Purchasing a Super Node
Getting Started
Cluster Configuration
- General Cluster Overview
- Cluster Management
- Network Management
- Storage Management
- Node Management
- GPU Resource Management
- Remote Terminals
Application Configuration
- Workload Management
- Service and Configuration Management
- Component and Application Management
- Auto Scaling
- Container Login Methods
Observability Configuration
- Ops Observability
- Cost Insights and Optimization
Scheduler Configuration
- Scheduling Component Overview
- Resource Utilization Optimization Scheduling
- Business Priority Assurance Scheduling
- QoS Awareness Scheduling
Security and Stability
- TKE Security Group Settings
- Identity Authentication and Authorization
- Application Security
Multi-cluster Management
- Planned Upgrade
- Backup Center
Cloud Native Service Guide
- Cloud Service for etcd
- TMP
- TKE Serverless Cluster Guide
- TKE Registered Cluster Guide
Use Cases
- Cluster
- Serverless Cluster
- Scheduling
- Security
- Service Deployment
- Network
- Release
- Logs
- Monitoring
- OPS
- Terraform
- DevOps
- Auto Scaling
- Containerization
- Microservice
- Cost Management
- Hybrid Cloud
- AI
Troubleshooting
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Elastic Cluster APIs
- Resource Reserved Coupon APIs
- Cluster APIs
- Third-party Node APIs
- Relevant APIs for Addon
- Network APIs
- Node APIs
- Node Pool APIs
- TKE Edge Cluster APIs
- Cloud Native Monitoring APIs
- Scaling group APIs
- Super Node APIs
- Other APIs
- Data Types
- Error Codes
- TKE API 2022-05-01
FAQs
- TKE General Cluster
- TKE Serverless Cluster
- About OPS
- Hidden Danger Handling
- About Services
- Image Repositories
- About Remote Terminals
- Event FAQs
- Resource Management
Service Agreement
- TKE Service Level Agreement
- TKE Serverless Service Level Agreement
Contact Us
Glossary

CVE-2024-21626 Vulnerability Fix Description

Mode fokus

Ukuran font

Terakhir diperbarui: 2024-05-27 16:04:09

Vulnerability Details
Agent: runc
Vulnerability Name: runc Container Escape Vulnerability
CVE No.: CVE-2024-21626
Impact: This vulnerability could compromise the isolation layer between the container and the host operating system, allowing attackers to access host files or execute binary programs without authorization. For details, see Community Explanation and Fix Suggestions.
Scope of Impact
Runtime engines that use runc versions between 1.0.0-rc.93 and 1.1.11.
Note:
Preliminary verification indicates that exploiting this vulnerability requires kernel support for the openat2 system call (kernel version 5.6 and later). The affected node operating system distributions currently identified include Ubuntu 22.04 LTS and Red Hat Enterprise Linux 8.6. This vulnerability has not been reproduced on other operating system distributions. We are continuously following up.
Fix Method
1. Incremental TKE clusters and nodes created after February 3, 2024, are not affected by this vulnerability.
2. For legacy nodes, you can fix the vulnerability by executing the following command on the machine or replace the nodes:
wget http://static.ccs.tencentyun.com/fix-cve-2024-21626.tar.gz && tar -zxf fix-cve-2024-21626.tar.gz && fix-cve-2024-21626/runc-v1.1.12.sh
﻿
﻿

Bantuan dan Dukungan

Apakah halaman ini membantu?

Anda juga dapat Menghubungi Penjualan atau Mengirimkan Tiket untuk meminta bantuan.

masukan

tencent cloud

Tencent Kubernetes Engine

CVE-2024-21626 Vulnerability Fix Description

Vulnerability Details

Scope of Impact

Fix Method

Bantuan dan Dukungan