OESA-2026-1271 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in...

MiracleLinux 8 : container-tools:3.0 (AXSA:2022-4431:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4431:02 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 cri-o: memory exhaustion on the node when access to the kube api...

[SECURITY] Fedora 43 Update: cri-o1.34-1.34.2-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 43 Update: cri-o1.32-1.32.10-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 42 Update: cri-o1.34-1.34.2-1.fc42

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.10-1.fc42

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.2-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 41 Update: cri-o1.32-1.32.10-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

Fedora 42 : cri-o1.34 (2025-1e7710541e)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1e7710541e advisory. - Update to release 1.34.2 - Resolves: rhbz2407595, rhbz2407866, rhbz2408142, rhbz2408577 - Resolves: rhbz2408640, rhbz2408703, rhbz2409050,...

TencentOS Server 4: crun (TSSA-2025:0244)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0244 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

RHEL 9 : podman (RHSA-2025:21702)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21702 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

GO-2025-4100 containerd affected by a local privilege escalation via wide permissions on CRI directory in github.com/containerd/containerd

containerd affected by a local privilege escalation via wide permissions on CRI directory in github.com/containerd/containerd...

[SECURITY] Fedora 41 Update: containerd-1.7.29-1.fc41

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

[SECURITY] Fedora 43 Update: containerd-2.1.5-1.fc43

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

[SECURITY] Fedora 42 Update: runc-1.3.3-1.fc42

The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...

AZL-70316 CVE-2025-47913 affecting package cri-o 1.30.1-1

SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...

containerd affected by a local privilege escalation via wide permissions on CRI directory

...

SUSE CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

AZL-69976 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-13

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

AZL-69745 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-10

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...