PT-2021-7760 · Runc+6 · Runc+6

Felix Wilhelm

Published

2021-11-09

Updated

2024-06-15

CVE-2021-43784

CVSS v2.0

6.0

Medium

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions runc versions prior to 1.0.3

Description The issue is related to an integer overflow in the 16-bit length field for the byte array attribute type in the netlink serialization system used by runc. This allows an attacker with control over the container configuration to bypass namespace restrictions by adding a malicious netlink payload. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines, such as with shared cloud infrastructure.

Recommendations For versions prior to 1.0.3, update to version 1.0.3 to fix the bug. As a temporary workaround, consider disallowing untrusted namespace paths from your container configuration to minimize the risk of exploitation.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2023:6380

ALT-PU-2021-3555

ALT-PU-2022-3196

ALT-PU-2023-1623

AZL-6682

BDU:2023-02652

CVE-2021-43784

DLA-2841-1

DLA-3735-1

GHSA-V95C-P5HM-XQ8F

GO-2022-0274

MGASA-2021-0553

OPENSUSE-SU-2021:1625-1

OPENSUSE-SU-2021:4171-1

OPENSUSE-SU-2021_1625-1

OPENSUSE-SU-2021_4171-1

OPENSUSE-SU-2024:11664-1

RHSA-2023:6380

RHSA-2023_6380

ROSA-SA-2023-2209

SUSE-SU-2021:4059-1

SUSE-SU-2021:4171-1

SUSE-SU-2021_4059-1

SUSE-SU-2021_4171-1

USN-6088-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Red Hat

Suse

Ubuntu

Runc

PT-2021-7760 · Runc+6 · Runc+6

CVE-2021-43784

Weakness Enumeration

Related Identifiers

Affected Products

References · 68