SecuriTricks - CVE-2024-22036

Description

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.

Product(s) Impacted

Vendor	Product	Versions
Rancher	Rancher	2.7.0-2.7.15, 2.8.0-2.8.8, 2.9.0-2.9.2

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	rancher	rancher	2.7.0-2.7.15	/	/	/	/	/	/	/
a	rancher	rancher	2.8.0-2.8.8	/	/	/	/	/	/	/
a	rancher	rancher	2.9.0-2.9.2	/	/	/	/	/	/	/

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036

https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc

CVSS Score

9.1 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

View Vector String

Timeline

Published: April 16, 2025, 9:15 a.m.
Last Modified: April 16, 2025, 1:25 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

meissner@suse.de

CVE-2024-22036