Exploit for File Descriptor Leak in Linuxfoundation Runc

August 2, 2025 invoker category_exploit

Exploit Details

Basic Information

Exploit Title Exploit for File Descriptor Leak in Linuxfoundation Runc
Exploit ID 734F9BE6-9D09-50BC-A24B-A0BFFBCCD0E7
Type githubexploit
Published 2025-08-02T16:01:15
Modified 2025-08-02T17:03:14

CVSS Information

CVSS Score 8.6
Severity HIGH
Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Analysis

AI Description A file descriptor leak in runc versions up to 1.1.11 allows unauthorized access due to improper handling during cgroup setup.
AI Severity Critical
AI Vendor Linux Foundation
AI Product runc
AI Version up to 1.1.11

CVE Information

  • CVE-2024-21626

Exploit Description

CVE-2024-21626 Root cause & Proof of cause How to use poc-autoplay? bash make install make uninstall 1. Root cause runc v1.1.11 버전 이하에서 cgroup을 설정하기 위해 호스트의 /sys/fs/cgroup 디렉토리를 여는 과정에서 해당 파일 디스크립터를 컨테이너 초기화 프로세스에 닫지…

View Full Exploit Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.