774 matches found
CVE-2025-64329 containerd CRI server: Host memory exhaustion through Attach goroutine leak
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
EUVD-2025-38219
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
CVE-2025-64329
CVE-2025-64329 affects containerd across multiple streams. The CVE stems from a bug in the CRI Attach implementation that can exhaust host memory due to goroutine leaks in vulnerable releases (versions: 1.7.28 and earlier; 2.0.0-beta.0–2.0.6; 2.1.0-beta.0–2.1.4; 2.2.0-beta.0–2.2.0-rc.1). Affected...
containerd Security Vulnerability
containerd is an industry-standard container runtime open-sourced by containerd. A security vulnerability exists in containerd versions 1.7.28 and earlier, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1, which stems from a goroutine in the CRI Attach...
Linux Distros Unpatched Vulnerability : CVE-2025-64329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through...
GHSA-M6HQ-P25P-FFR2 containerd CRI server: Host memory exhaustion through Attach goroutine leak
Impact A bug was found in containerd's CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. Repetitive calls of CRI Attach e.g., kubectl attach could increase the memory usage of containerd. Patches This bug has been fixed in the following containerd...
containerd CRI server: Host memory exhaustion through Attach goroutine leak
Impact A bug was found in containerd's CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. Repetitive calls of CRI Attach e.g., kubectl attach could increase the memory usage of containerd. Patches This bug has been fixed in the following containerd...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the Attach functionality. An attacker can cause excessive memory consumption on the host by repeatedly initiating CRI Attach requests, leading to resource exhaustion due to goroutin...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990068)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990068 advisory. In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989012)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989012 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init location Syzbot reported, that mxl111sf_ctrl_msg uses uninitializ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989557)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989557 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock to cgroup_attach_task_all syzbot is hitting...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988659)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988659 advisory. In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988767)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988767 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv)...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Releasing rproc->clean_table after rproc_attach fails When rproc->state = RPROC_DETACHED is attached to a remote processor through rproc_attach, if rproc_handle_resources returns an error, the clean table should be...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: The issue related to comedi: a race between polling and detaching the device has been fixed. The syzbot report indicates a use-after-free in the comedi module. This occurs because comedi happily removes the allocated async area,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net: atm: Added lec_mutex. The issue was discovered in net/atm/lec.c, and it was found that there is an error path in lecd_attach, which may lead to a dangling pointer in dev_lec. A mutex was added to protect the usage of dev_lec...