Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-40635

Опубликовано: 17 мар. 2025
Источник: nvd
CVSS3: 4.6
CVSS3: 7.8
EPSS Низкий

Описание

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*
Версия до 1.6.38 (исключая)
cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*
Версия от 1.7.0 (включая) до 1.7.27 (исключая)
cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*
Версия от 2.0.0 (включая) до 2.0.4 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%
0.00014
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2024-40635

CVSS3: 4.6
ubuntu
11 месяцев назад

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.

redhat логотип

CVE-2024-40635

CVSS3: 4.6
redhat
11 месяцев назад

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.

msrc логотип

CVE-2024-40635

CVSS3: 4.6
msrc
9 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-40635

CVSS3: 4.6
debian
11 месяцев назад

containerd is an open-source container runtime. A bug was found in con ...

suse-cvrf логотип

SUSE-SU-2025:1346-1

suse-cvrf
10 месяцев назад

Security update for containerd

EPSS

Процентиль: 2%
0.00014
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-190