CVE-2024-22036

EUVD-2024-3054

16.04.2025, 09:15

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot
jail and gain root access to the Rancher container itself. In
production environments, further privilege escalation is possible based
on living off the land within the Rancher container itself. For the test
and development environments, based on a –privileged Docker container,
it is possible to escape the Docker container and gain execution access
on the host system.

This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
suse	CNA	9.1 CRITICAL	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 38%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
suse	rancher	2.7.0 ≤ 𝑥 < 2.7.16	CNA
suse	rancher	2.8.0 ≤ 𝑥 < 2.8.9	CNA
suse	rancher	2.9.0 ≤ 𝑥 < 2.9.3	CNA

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036

https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc