PT-2024-19169 · Rancher+1
Published: 2024-10-25 · Updated: 2025-04-21 · CVE-2024-22036
CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Rancher versions prior to 2.7.16
Rancher versions prior to 2.8.9
Rancher versions prior to 2.9.3
Description
A vulnerability has been identified in Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. This can lead to further privilege escalation in production environments. The issue arises due to excessive permissions granted to node drivers, lack of validation on driver file types, and incorrect ownership of certain binaries. The estimated number of potentially affected devices is not provided. However, the vulnerability can be exploited to gain elevated privileges and potentially execute code on the host system in test and development environments.
Technical details about exploitation include the use of the PATH environment variable, vulnerable binaries such as /usr/bin/rancher-machine, /usr/bin/helm_v3, and /usr/bin/kustomize, and the ability to register malicious node drivers.
Recommendations
For versions prior to 2.7.16, update to version 2.7.16 or later.
For versions prior to 2.8.9, update to version 2.8.9 or later.
For versions prior to 2.9.3, update to version 2.9.3 or later.
As a temporary workaround, consider using only trusted drivers and limiting the use of Admins/Restricted Admins to trusted users.
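A version triage for the fixed releases listed above, as an added example that is not part of the original advisory or of Rancher's own code. The function names, the constructed inventory, and the handling of pre-release builds and of release lines outside 2.7 to 2.9 are assumptions.

```python
import re

# Fixed patch level per release line, taken from the recommendations above.
FIXED = {(2, 7): 16, (2, 8): 9, (2, 9): 3}
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+\S*)?$")


def parse(version):
    """Split 'v2.8.8' or '2.9.3-rc1' into (major, minor, patch, prerelease)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Rancher version: {version!r}")
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    return major, minor, patch, m.group(4)


def triage(version):
    """Return (affected, minimum_upgrade_target) for CVE-2024-22036."""
    major, minor, patch, pre = parse(version)
    line = (major, minor)
    if line < min(FIXED):
        # Assumption: lines older than 2.7 fall under "prior to 2.7.16".
        return True, "2.7.16"
    if line > max(FIXED):
        # Assumption: the page lists no affected versions in newer lines.
        return False, None
    fixed_patch = FIXED[line]
    # Assumption: a pre-release of the fixed version (2.9.3-rc1) sorts
    # before the release, as in semantic versioning, so it counts as prior.
    affected = patch < fixed_patch or (patch == fixed_patch and pre is not None)
    return affected, (f"{major}.{minor}.{fixed_patch}" if affected else None)


def affected_hosts(inventory):
    """Map each affected host to the version it must reach at minimum."""
    result = {}
    for host, version in inventory.items():
        affected, target = triage(version)
        if affected:
            result[host] = target
    return result


# Constructed inventory; host names and versions are illustrative only.
SAMPLE = {"rancher-prod": "v2.8.8", "rancher-stage": "v2.9.3",
          "rancher-lab": "2.9.3-rc1", "rancher-old": "v2.6.14"}

if __name__ == "__main__":
    for host, target in affected_hosts(SAMPLE).items():
        print(f"{host}: affected, upgrade to {target} or later")
```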
Fix
LPE
Improper Privilege Management
Affected Products
Rancher
Suse