CVE-2024-21626

一、漏洞信息
漏洞编号：CVE-2024-21626
漏洞归属组件：buildah
漏洞归属的版本：1.26.1,1.34.1
CVSS V3.0分值：
BaseScore：8.6 High
Vector：CVSS：3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
漏洞简述：
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ( attack 2 ). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ( attack 1 ). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ( attack 3a and attack 3b ). runc 1.1.12 includes patches for this issue.
漏洞公开时间：2024-02-01 06:15:53
漏洞创建时间：2025-01-18 08:29:46
漏洞详情参考链接：
https://nvd.nist.gov/vuln/detail/CVE-2024-21626

更多参考(点击展开)

参考来源	参考链接	来源链接
security-advisories.github.com	http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html
security-advisories.github.com	http://www.openwall.com/lists/oss-security/2024/02/01/1
security-advisories.github.com	http://www.openwall.com/lists/oss-security/2024/02/02/3
security-advisories.github.com	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf
security-advisories.github.com	https://github.com/opencontainers/runc/releases/tag/v1.1.12
security-advisories.github.com	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
security-advisories.github.com	https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html
security-advisories.github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/
security-advisories.github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0670	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0717	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0756	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0748	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0752	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0755	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0760	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0757	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0759	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0758	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0682	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0662	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0684	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0645	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0666	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:0764	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2023:7201	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:1270	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:4597	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:10149	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:10520	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:10525	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:10841	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2025:0115	https://bugzilla.redhat.com/show_bug.cgi?id=2258725
debian		https://security-tracker.debian.org/tracker/CVE-2024-21626
oracle		https://www.oracle.com/security-alerts/cpuapr2024.html
gentoo		https://security.gentoo.org/glsa/202408-25
anolis		https://anas.openanolis.cn/cves/detail/CVE-2024-21626
cve_search		https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
cve_search		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf
cve_search		https://github.com/opencontainers/runc/releases/tag/v1.1.12
cve_search		http://www.openwall.com/lists/oss-security/2024/02/01/1
cve_search		http://www.openwall.com/lists/oss-security/2024/02/02/3
cve_search		http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html
cve_search		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/
cve_search		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/
cve_search		https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html
github_advisory	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv	https://github.com/advisories/GHSA-xr7r-f8xq-vfvv
github_advisory	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://github.com/advisories/GHSA-xr7r-f8xq-vfvv
github_advisory	https://github.com/opencontainers/runc/releases/tag/v1.1.12	https://github.com/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://www.cve.org/CVERecord?id=CVE-2024-21626	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/releases/tag/v1.1.12	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/7362cd5afe9d40131fb62cb075092025c7c71064	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/2ed79a6c91e56dcd2d1da47f8ffd663066153746	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/b2b5754eb34174e032f1048beb1b27db83e77c5a	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/996a33c0e468435c70a34a25be1cb023d7554563	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/f3429eda1a8d478d7dbcb9c07cef943d88e67671	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
runc	https://github.com/opencontainers/runc/commit/4f263985016276c2faf709e9db98fcc8677a8a13	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv
go	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv	https://github.com/golang/vulndb/blob/master/reports/GO-2024-2491.yaml
go	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://github.com/golang/vulndb/blob/master/reports/GO-2024-2491.yaml
go	http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html	https://github.com/golang/vulndb/blob/master/reports/GO-2024-2491.yaml
osv	http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html	https://osv.dev/vulnerability/CVE-2024-21626
osv	https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv	https://osv.dev/vulnerability/CVE-2024-21626
osv	http://www.openwall.com/lists/oss-security/2024/02/01/1	https://osv.dev/vulnerability/CVE-2024-21626
osv	http://www.openwall.com/lists/oss-security/2024/02/02/3	https://osv.dev/vulnerability/CVE-2024-21626
osv	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/	https://osv.dev/vulnerability/CVE-2024-21626
osv	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://osv.dev/vulnerability/CVE-2024-21626
osv	https://github.com/opencontainers/runc/releases/tag/v1.1.12	https://osv.dev/vulnerability/CVE-2024-21626
osv	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/	https://osv.dev/vulnerability/CVE-2024-21626
aliyun	https://github.com/opencontainers/runc/releases/tag/v1.1.12	https://cert.360.cn/warning/detail?id=65bb589cc09f255b91b17d32
amazon_linux_explore	https://access.redhat.com/security/cve/CVE-2024-21626	https://explore.alas.aws.amazon.com/CVE-2024-21626.html
amazon_linux_explore	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21626	https://explore.alas.aws.amazon.com/CVE-2024-21626.html
snyk	https://aws.amazon.com/security/security-bulletins/AWS-2024-001/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://cloud.google.com/support/bulletins#gcp-2024-005	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://github.com/containerd/containerd/commit/b20b9f86b583b11a7fac34e6c682bc7633c74237	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://github.com/moby/moby/commit/7a920fd27536ed5c547eddd9a71068b71a4ace6e	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://github.com/containers/youki/releases/tag/v0.3.2	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://www.openwall.com/lists/oss-security/2024/01/31/6	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://snyk.io/blog/cve-2024-21626-runc-process-cwd-container-breakout/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERDV2-6219725
snyk	https://aws.amazon.com/security/security-bulletins/AWS-2024-001/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://cloud.google.com/support/bulletins#gcp-2024-005	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://github.com/containerd/containerd/commit/b20b9f86b583b11a7fac34e6c682bc7633c74237	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://github.com/moby/moby/commit/7a920fd27536ed5c547eddd9a71068b71a4ace6e	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://github.com/containers/youki/releases/tag/v0.3.2	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://www.openwall.com/lists/oss-security/2024/01/31/6	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://snyk.io/blog/cve-2024-21626-runc-process-cwd-container-breakout/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724
snyk	https://aws.amazon.com/security/security-bulletins/AWS-2024-001/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://cloud.google.com/support/bulletins#gcp-2024-005	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://github.com/containerd/containerd/commit/b20b9f86b583b11a7fac34e6c682bc7633c74237	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://github.com/moby/moby/commit/7a920fd27536ed5c547eddd9a71068b71a4ace6e	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://github.com/containers/youki/releases/tag/v0.3.2	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://www.openwall.com/lists/oss-security/2024/01/31/6	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://snyk.io/blog/cve-2024-21626-runc-process-cwd-container-breakout/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERINTEGRATION-6209336
snyk	https://aws.amazon.com/security/security-bulletins/AWS-2024-001/	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERCGROUPS-6209335
snyk	https://cloud.google.com/support/bulletins#gcp-2024-005	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERCGROUPS-6209335
snyk	https://github.com/containerd/containerd/commit/b20b9f86b583b11a7fac34e6c682bc7633c74237	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERCGROUPS-6209335
snyk	https://github.com/moby/moby/commit/7a920fd27536ed5c547eddd9a71068b71a4ace6e	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERCGROUPS-6209335
snyk	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf	https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMOPENCONTAINERSRUNCLIBCONTAINERCGROUPS-6209335

漏洞分析指导链接：
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
openBrain开源漏洞感知系统
漏洞补丁信息：

详情(点击展开)

影响的包	修复版本	修复补丁	问题引入补丁	来源
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		security-advisories.github.com
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		github_advisory
		https://github.com/opencontainers/runc/commit/7362cd5afe9d40131fb62cb075092025c7c71064		runc
		https://github.com/opencontainers/runc/commit/2ed79a6c91e56dcd2d1da47f8ffd663066153746		runc
		https://github.com/opencontainers/runc/commit/b2b5754eb34174e032f1048beb1b27db83e77c5a		runc
		https://github.com/opencontainers/runc/commit/996a33c0e468435c70a34a25be1cb023d7554563		runc
		https://github.com/opencontainers/runc/commit/f3429eda1a8d478d7dbcb9c07cef943d88e67671		runc
		https://github.com/opencontainers/runc/commit/4f263985016276c2faf709e9db98fcc8677a8a13		runc
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		go
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		osv
		https://github.com/containerd/containerd/commit/b20b9f86b583b11a7fac34e6c682bc7633c74237		snyk
		https://github.com/moby/moby/commit/7a920fd27536ed5c547eddd9a71068b71a4ace6e		snyk
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		snyk
		http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html		nvd
		http://www.openwall.com/lists/oss-security/2024/02/01/1		nvd
		http://www.openwall.com/lists/oss-security/2024/02/02/3		nvd
		https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf		nvd
		https://github.com/opencontainers/runc/releases/tag/v1.1.12		nvd
		https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv		nvd
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/		nvd

二、漏洞分析结构反馈
影响性分析说明：

openEuler评分：

受影响版本排查(受影响/不受影响)：
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

修复是否涉及abi变化(是/否)：
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

原因说明：
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

@yangzhao_kl ,@jianminw ,@weibaohui ,@duguhaotian ,@fu-shanqing ,@duyiwei7w ,@wonleing ,@jianli-97 ,@zmr_2020 ,@gaodaweiky ,@xuxuepeng ,@lu-wei-army 
**issue处理注意事项:** 
**1. 当前issue受影响的分支提交pr时, 须在pr描述中填写当前issue编号进行关联, 否则无法关闭当前issue;**
**2. 模板内容需要填写完整, 无论是受影响或者不受影响都需要填写完整内容,未引入的分支不需要填写, 否则无法关闭当前issue;**
**3. 以下为模板中需要填写完整的内容, 请复制到评论区回复, 注: 内容的标题名称(影响性分析说明, openEuler评分, 受影响版本排查(受影响/不受影响), 修复是否涉及abi变化(是/否), 原因说明)不能省略,省略后cve-manager将无法正常解析填写内容.**
************************************************************************
影响性分析说明:

openEuler评分: (评分和向量)

受影响版本排查(受影响/不受影响): 
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

修复是否涉及abi变化(是/否)：
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

原因说明：
1.master(1.34.1):
2.openEuler-20.03-LTS-SP4:
3.openEuler-22.03-LTS-SP3(1.26.1):
4.openEuler-22.03-LTS-SP4(1.26.1):
5.openEuler-24.03-LTS(1.34.1):
6.openEuler-24.03-LTS-Next(1.34.1):
7.openEuler-24.03-LTS-SP1(1.34.1):

issue处理具体操作请参考: 
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
pr关联issue具体操作请参考:
https://gitee.com/help/articles/4142

参考网址	关联pr	状态	补丁链接
https://nvd.nist.gov/vuln/detail/CVE-2024-21626	None	None	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf
https://ubuntu.com/security/CVE-2024-21626	None	None	https://discourse.ubuntu.com/c/project
https://www.opencve.io/cve/CVE-2024-21626	None	None	https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-21626
https://security-tracker.debian.org/tracker/CVE-2024-21626	None	None	https://github.com/opencontainers/runc/commit/f2f16213e174fb63e931fe0546bbbad1d9bbed6f https://github.com/opencontainers/runc/commit/937ca107c3d22da77eb8e8030f2342253b980980 https://github.com/opencontainers/runc/commit/89c93ddf289437d5c8558b37047c54af6a0edb48 https://github.com/opencontainers/runc/commit/d8edada9f252873b88043279a71099db71941dea https://github.com/opencontainers/runc/commit/ee73091a8d28692fa4868bac81aa40a0b05f9780 https://github.com/opencontainers/runc/commit/8e1cd2f56d518f8d6292b8bb39f0d0932e4b6c2a

说明：补丁链接仅供初步排查参考，实际可用性请人工再次确认，补丁下载验证可使用CVE补丁工具。
若补丁不准确，烦请在此issue下评论 '/report-patch 参考网址补丁链接1,补丁链接2' 反馈正确信息，便于我们不断优化工具，不胜感激。
如 /report-patch https://security-tracker.debian.org/tracker/CVE-2021-3997 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1

src-openEuler/buildah

内容风险标识

评论 (3)

src-openEuler/buildah .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2024-21626

评论 (3)

搜索帮助

src-openEuler/buildah