CVE-2024-8676
CVSS 3.1 Score 7.4 of 10 (high)
Details
Summary
CVE-2024-8676 is a vulnerability affecting CRI-O, an open-source container runtime for Kubernetes. The issue stems from a lack of validation during container restoration. When CRI-O restores a container, it incorrectly assumes that the mounts specified in the pod spec for the new container are the same as those in the restored archive. This oversight allows a malicious user with access to the kubelet or CRI-O socket to trigger the restoration of a pod that does not have the necessary access to host mounts, potentially leading to unintended container behavior or security breaches.