Rancher Remote Code Execution Vulnerability via Cluster and Node Drivers

Vulnerability

A critical vulnerability in Rancher allows cluster or node drivers to escape the chroot jail and gain root access to the Rancher container. The issue affects Rancher versions from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, and from 2.9.0 before 2.9.3. In production environments, this vulnerability could lead to further privilege escalation by exploiting existing permissions within the Rancher container. In test and development environments, where a privileged Docker container is used, it is possible to escape the Docker container and execute commands on the host system.

Impact

Exploitation of this vulnerability allows unauthorized root access to the Rancher container, with potential privilege escalation in production environments. In test and development environments, it could lead to command execution on the host system.

Remediation

Users can upgrade to Rancher versions 2.7.16, 2.8.9, or 2.9.3 to address this vulnerability. If an upgrade is not possible, it is recommended to use only trusted drivers and to restrict the Admin and Restricted Admin roles to trusted users.
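
To triage an inventory against the version ranges above, the following added example (not code from Rancher or from this advisory) classifies each Rancher server version as affected, fixed, or not listed. The names `assess` and `triage` and the sample inventory are hypothetical, and treating a pre-release build of a fixed version (for example `2.9.3-rc1`) as affected is a conservative assumption.

```python
import re

# Fixed patch release per affected minor line, taken from the advisory text:
# 2.7.x -> 2.7.16, 2.8.x -> 2.8.9, 2.9.x -> 2.9.3
FIXED = {(2, 7): 16, (2, 8): 9, (2, 9): 3}

# Accepts "2.8.5", "v2.8.5" and pre-release tags such as "v2.9.3-rc1".
_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")


def assess(version):
    """Return (status, fixed_version) for one Rancher version string.

    status is "affected", "fixed", "not-listed" (release line the advisory
    does not mention) or "unparseable" (e.g. a floating tag like "latest").
    """
    m = _VERSION.match(version.strip())
    if not m:
        return ("unparseable", None)
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    is_prerelease = m.group(4) is not None
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        return ("not-listed", None)
    fixed = f"{major}.{minor}.{fixed_patch}"
    # Assumption: a pre-release of the fixed version is treated as affected.
    if patch < fixed_patch or (patch == fixed_patch and is_prerelease):
        return ("affected", fixed)
    return ("fixed", fixed)


def triage(inventory):
    """Map each deployment name to its (status, fixed_version) result."""
    return {name: assess(ver) for name, ver in inventory.items()}


# Constructed sample inventory: deployment name -> Rancher server version.
SAMPLE_INVENTORY = {
    "prod-eu": "v2.8.8",
    "prod-us": "v2.9.3",
    "staging": "v2.9.3-rc1",
    "legacy": "v2.6.13",
    "dev": "latest",
}

if __name__ == "__main__":
    for name, (status, fixed) in triage(SAMPLE_INVENTORY).items():
        target = f" -> upgrade to {fixed}" if status == "affected" else ""
        print(f"{name:10s} {SAMPLE_INVENTORY[name]:12s} {status}{target}")
```

Deployments reported as `unparseable` or `not-listed` need a manual check, since the advisory text gives no ranges for them.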

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 10.0
exploitability: 4.8
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.