CVE-2024-21626 affects the runc component in container management systems. Most AWS services have released updates or will automatically patch affected systems.
Amazon Linux users should apply updates available for Amazon Linux 1, 2, and 2023. Bottlerocket users will receive an updated runc in the upcoming Bottlerocket 1.19.0 release.
ECS customers can update to the latest AMIs or perform a "yum update --security" to apply the patch. EKS users can upgrade node groups, Karpenter nodes, or self-managed worker nodes.
EKS Fargate will automatically apply the patch to new pods starting February 1, 2024. Existing pods must be deleted after February 2, 2024 to receive the patch.
EKS Anywhere provides updated images with the patched runtime. Customers can upgrade clusters to use these images.
AWS Elastic Beanstalk users can apply platform updates or upgrade their environment's platform version. Finch users should upgrade their macOS installation to the latest release.
The Amazon Linux 2 Deep Learning AMI will automatically consume the latest runc updates. Batch customers using the default Compute Environment AMI should replace it with the latest version.
SageMaker resources created or restarted after February 2, 2024 will automatically use the patched runc. Live SageMaker Inference endpoints will be automatically patched by February 7, 2024.
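
For the EKS Fargate guidance above, one way to find the pods that still need to be deleted and recreated. This is an added example, not AWS tooling. It assumes Fargate pods carry `schedulerName: fargate-scheduler`, and the cutoff (end of February 2, 2024, read as UTC) is an assumed conservative reading of the dates above. The sample pods are constructed.

```python
import json
import sys
from datetime import datetime, timezone

# Assumption: pods created through the end of 2024-02-02 (UTC) may still be
# running on the unpatched runtime. Adjust to your own reading of the bulletin.
CUTOFF = datetime(2024, 2, 3, tzinfo=timezone.utc)
FARGATE_SCHEDULER = "fargate-scheduler"  # scheduler name EKS sets on Fargate pods

def parse_ts(ts):
    """Parse the RFC 3339 UTC timestamp Kubernetes writes to creationTimestamp."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def pods_needing_recreation(pod_list, cutoff=CUTOFF):
    """Return sorted (namespace, name, created) for Fargate pods older than cutoff."""
    stale = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        if spec.get("schedulerName") != FARGATE_SCHEDULER:
            continue  # EC2-backed pods are covered by the node upgrade instead
        if pod.get("status", {}).get("phase") in ("Succeeded", "Failed"):
            continue  # finished pods no longer run containers
        if parse_ts(meta["creationTimestamp"]) < cutoff:
            stale.append((meta.get("namespace", "default"), meta["name"],
                          meta["creationTimestamp"]))
    return sorted(stale)

def _pod(ns, name, created, scheduler, phase="Running"):
    """Build a minimal pod object with only the fields this check reads."""
    return {"metadata": {"namespace": ns, "name": name, "creationTimestamp": created},
            "spec": {"schedulerName": scheduler}, "status": {"phase": phase}}

# Constructed sample, shaped like `kubectl get pods -A -o json` output.
SAMPLE = {"items": [
    _pod("web", "api-5c7b", "2024-01-30T09:15:00Z", "fargate-scheduler"),
    _pod("web", "api-9f21", "2024-02-05T11:00:00Z", "fargate-scheduler"),
    _pod("web", "cache-0", "2024-01-10T08:00:00Z", "default-scheduler"),
    _pod("batch", "report-1a", "2024-01-29T02:00:00Z", "fargate-scheduler", "Succeeded"),
    _pod("batch", "worker-77", "2024-02-02T23:59:59Z", "fargate-scheduler"),
]}

if __name__ == "__main__":
    # Usage: kubectl get pods -A -o json | python3 this_script.py
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for ns, name, created in pods_needing_recreation(data):
        print(f"{ns}/{name} created {created}: delete so it is rescheduled")
```

Pods owned by a Deployment or StatefulSet are recreated by their controller once deleted; standalone pods have to be re-applied by hand.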
