NOMISEC-yen5004/CVE-2024-40635_POC

NOMISEC WORKING POC

Exploit for CVE-2024-40635 - containerd <1.6.38, <1.7.27, <2.0.4 - Privilege Escalation

AI Analysis

This repository contains a functional PoC for CVE-2024-40635, demonstrating a vulnerability where Docker containers with UID/GID exceeding 32-bit signed integers may incorrectly run as root. The script checks container attributes to confirm the vulnerability.

Attack Type

LPE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 2

https://github.com/yen5004/CVE-2024-40635_POC

Stars 0

Forks 0

Last Push Apr 30, 2025

Authors

yen5004

Vulnerability

CVE-2024-40635

containerd <1.6.38, <1.7.27, <2.0.4 - Privilege Escalation

MEDIUM

CVSS 4.6