Lucene search
+L

65 matches found

OSV
OSV
added 2026/07/09 12:52 p.m.3 views

OESA-2026-2929 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently...

9.8CVSS6.1AI score0.00742EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/02 9:30 p.m.9 views

CVE-2026-53489

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/07/01 6:10 p.m.9 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/01 6:10 p.m.40 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 6:10 p.m.53 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2CVSS5.9AI score0.00208EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/07/01 6:10 p.m.3 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS6AI score0.00208EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 5:59 p.m.41 views

CVE-2026-53492 containerd CRI checkpoint restore CDI annotation smuggling

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a...

8.4CVSS0.00412EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 5:59 p.m.55 views

CVE-2026-53492

Summary: CVE-2026-53492 affects containerd’s CRI checkpoint restoration, where CDI annotations in untrusted checkpoint metadata are trusted, allowing injection of CDI edits (device nodes/host mounts) into restored containers if CDI is enabled and a matching host CDI spec exists. The issue affects...

9.6CVSS5.9AI score0.00412EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/29 9:51 a.m.3 views

github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...

8.2CVSS6.1AI score0.00208EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 9:13 a.m.3 views

github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI plugin incorrectly restores container logs from a checkpoint image. This vulnerability, categorized as a Path Traversal CWE-61, allows an attacker to read arbitrary files on the host system by...

8.2CVSS6.1AI score0.00208EPSS
Exploits0References5
Amazon
Amazon
added 2026/06/29 12:0 a.m.7 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.9CVSS6AI score0.00412EPSS
Exploits0
NVD
NVD
added 2026/06/28 1:16 p.m.11 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/28 12:0 p.m.36 views

CVE-2026-13493 AIDC-AI ComfyUI-Copilot Workflow Checkpoint Restore conversation_api.py resource injection

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/28 12:0 p.m.10 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/28 12:0 p.m.11 views

EUVD-2026-39992

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7
CVE
CVE
added 2026/06/28 12:0 p.m.17 views

CVE-2026-13493

Technical details are not publicly available in the provided documents. Monitor for updates on affected components, remediation status, and any vendor advisories.

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 The v11 MQD manager incorrectly assigned the CP-compute variants of...

7.8CVSS6.3AI score0.00142EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:10 a.m.5 views

drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11

...

7.8CVSS5.8AI score0.00142EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.8 views

SUSE CVE-2026-53143

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 The v11 MQD manager incorrectly assigned the CP-compute variants of checkpointmqd/restoremqd for KFDMQDTYPESDMA queues. These functions use sizeofstruct...

7CVSS6AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:34 p.m.8 views

GO-2026-5622 Arbitrary host CRI log file read via symlink following in CRI checkpoint restore in github.com/containerd/containerd

Arbitrary host CRI log file read via symlink following in CRI checkpoint restore in github.com/containerd/containerd...

8.2CVSS5.8AI score0.00208EPSS
Exploits0References1
Rows per page
Query Builder