355 matches found
[SECURITY] Fedora 41 Update: cri-o1.32-1.32.10-1.fc41
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
[SECURITY] Fedora 41 Update: cri-o1.34-1.34.2-1.fc41
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
Fedora 42 : cri-o1.34 (2025-1e7710541e)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1e7710541e advisory. - Update to release 1.34.2 - Resolves: rhbz2407595, rhbz2407866, rhbz2408142, rhbz2408577 - Resolves: rhbz2408640, rhbz2408703, rhbz2409050,...
TencentOS Server 4: crun (TSSA-2025:0244)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0244 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
RHEL 9 : podman (RHSA-2025:21702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21702 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
GO-2025-4100 containerd affected by a local privilege escalation via wide permissions on CRI directory in github.com/containerd/containerd
containerd affected by a local privilege escalation via wide permissions on CRI directory in github.com/containerd/containerd...
[SECURITY] Fedora 41 Update: containerd-1.7.29-1.fc41
Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...
[SECURITY] Fedora 43 Update: containerd-2.1.5-1.fc43
Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...
[SECURITY] Fedora 42 Update: runc-1.3.3-1.fc42
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
AZL-70316 CVE-2025-47913 affecting package cri-o 1.30.1-1
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
containerd affected by a local privilege escalation via wide permissions on CRI directory
...
SUSE CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
AZL-69745 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-10
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
AZL-69976 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-13
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
CVE-2025-52565
runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container, an attacker can...
CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
CVE-2024-25621
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
runc 安全漏洞
runc is an Open Container Initiative open source CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions 1.2.7, 1.3.2, and 1.4.0-rc.2, which stems from an attacker's ability to misdirect a write...
CVE-2025-62596 youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects
Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...