3 matches found
CVE-2026-53489
containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...
github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...
PT-2026-34348
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash occurs in the dmaengine idxd driver when the event log is disabled. If the hardware does not support reporting errors to the event log and an error triggering a Function Level...