This is the official discussion post for the newly released (02/14/23) CVE course, “Leaky Vessels” Container Breakout (CVE-2024-21626).
CVE-2024-21626 is a severe vulnerability affecting all versions of runc up to 1.1.11, a critical component utilized by Docker and other containerization technologies like Kubernetes. This vulnerability enables an attacker to escape from a container to the underlying host operating system. Put on your red team hat to exploit this vulnerability.