CVE-2024-8676

HIGH EPSS 51.1%

Published Nov 26, 20241y ago · Modified Jun 17, 20261w ago

7.4 CVSS 3.1

High

Published Nov 26, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to host mounts. The user needs access to the kubelet or cri-o socket to call the restore endpoint and trigger the restore.

CVSS Details

Base Score

7.4

Exploitability

2.2

Impact

5.2

Vector string

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector Network

Attack Complexity High

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability None

Threat Intelligence

EPSS Exploit Probability

51.1% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-285

References 8

access.redhat.com https://access.redhat.com/errata/RHBA-2024:10826
access.redhat.com https://access.redhat.com/errata/RHSA-2025:0648
access.redhat.com https://access.redhat.com/errata/RHSA-2025:1908
access.redhat.com https://access.redhat.com/errata/RHSA-2025:3297
access.redhat.com https://access.redhat.com/errata/RHSA-2025:4211
access.redhat.com https://access.redhat.com/errata/RHSA-2025:9765
access.redhat.com https://access.redhat.com/security/cve/CVE-2024-8676
bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2313842

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.