CVE-2024-22036

CRITICAL

Rancher 2.7.0-2.7.15, 2.8.0-2.8.8, 2.9.0-2.9.2 - Privilege Escalation via Chroot Escape

Title source: llm

Description

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environments, based on a --privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.

Scores

CVSS v3 9.1
EPSS 0.0017
EPSS Percentile 38.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (4)
rancher/rancher 2.7.0 - 2.7.16 (Go)
SUSE/rancher 2.7.0 - 2.7.16
SUSE/rancher 2.8.0 - 2.8.9
SUSE/rancher 2.9.0 - 2.9.3
Published Apr 16, 2025
Tracked Since Feb 18, 2026