CLSA-2026-1775825437 grafana: Fix of CVE-2026-21720

CVE-2026-21720: fix denial of service by preventing goroutine leaks and memory exhaustion triggered by unauthenticated avatar cache requests...

CLSA-2026-1775824794 grafana: Fix of CVE-2026-21720

CVE-2026-21720: fix denial of service by preventing goroutine leaks and memory exhaustion triggered by unauthenticated avatar cache requests...

Uncontrolled Resource Consumption

github.com/containerd/containerd is vulnerable to uncontrolled resource consumption. The vulnerability is due to goroutine leaks in the attach mechanism, which allows an attacker to exhaust host memory by repeatedly initiating attach requests...

Missing Release of Resource after Effective Lifetime

Overview github.com/grafana/grafana/pkg/api/avatar is a tool for beautiful monitoring and metric analytics & dashboards for Graphite, InfluxDB & Prometheus & More. Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via the /avatar/:hash...

Security update for containerd

This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...

CVE-2025-64329

A flaw was found in containerd. This vulnerability allows a user to exhaust memory on the host due to goroutine leaks via a bug in the CRI Container Runtime Interface Attach implementation...

SUSE-SU-2025:21057-1 Security update for containerd

This update for containerd fixes the following issues: - CVE-2024-25621: Fixed overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: Fixed goroutine leaks can lead to memory exhaustion on the host bsc1253132...

SUSE-SU-2025:21042-1 Security update for containerd

This update for containerd fixes the following issues: Update to containerd v1.7.29: - CVE-2024-25621: Fixed overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: Fixed goroutine leaks that could have led to memory exhaustion on the host bsc1253132...

SUSE SLES12 Security Update : containerd (SUSE-SU-2025:4072-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4072-1 advisory. - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 - CVE-2025-64329: Fixed a...

Security update for containerd

This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...

SUSE-SU-2025:4072-1 Security update for containerd

This update for containerd fixes the following issues: - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 - CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132...

CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

UBUNTU-CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...