Medium: containerd

🗓️ 10 Apr 2023 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 1 Views

Containerd memory leak and denial of service vulnerabilities require updates to avoid exploitation.

Reporter	Title	Published	Views	Family All 363
IBM Security Bulletins	Security Bulletin: Mutiple Vulnerabilties affects IBM Watson Machine Learning Accelerator 3.5.0 for Cloud Pak for Data 4.6.5	8 Feb 202419:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to multiple ansible-operator and opm vulnerabilities	20 Feb 202419:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty	13 Mar 202503:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in containerd may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2022-31030, CVE-2022-23471)	9 Jan 202415:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in containerd	17 May 202314:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from shadow-utils, procps-ng, containerd, urllib3, nghttp2 and Golang	15 Dec 202307:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Edge Application Manager 4.5.1 addresses multiple security vulnerabilities	31 May 202322:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps	26 Mar 202503:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to containerd security bypass and denial of service vulnerabilities( CVE-2023-25173, CVE-2023-25153)	5 Jul 202321:11	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in containerd affects IBM Robotic Process Automation for Cloud Pak and may result in a denial of service (CVE-2022-23471)	23 Jun 202320:44	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	containerd	1.6.19-1.amzn2023.0.1	containerd-1.6.19-1.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	containerd	1.6.19-1.amzn2023.0.1	containerd-1.6.19-1.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	containerd-debuginfo	1.6.19-1.amzn2023.0.1	containerd-debuginfo-1.6.19-1.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	containerd-debuginfo	1.6.19-1.amzn2023.0.1	containerd-debuginfo-1.6.19-1.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	containerd-debugsource	1.6.19-1.amzn2023.0.1	containerd-debugsource-1.6.19-1.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	containerd-debugsource	1.6.19-1.amzn2023.0.1	containerd-debugsource-1.6.19-1.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	containerd-stress	1.6.19-1.amzn2023.0.1	containerd-stress-1.6.19-1.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	containerd-stress	1.6.19-1.amzn2023.0.1	containerd-stress-1.6.19-1.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	containerd-stress-debuginfo	1.6.19-1.amzn2023.0.1	containerd-stress-debuginfo-1.6.19-1.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	containerd-stress-debuginfo	1.6.19-1.amzn2023.0.1	containerd-stress-debuginfo-1.6.19-1.amzn2023.0.1.x86_64.rpm

10 Apr 2023 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 3.16.2 - 7.8

EPSS0.00259

SSVC

containerd vulnerabilities memory leak denial of service security patch trusted images container security