Описание
Security update for containerd
This update for containerd fixes the following issues:
- CVE-2024-40635: Fixed integer overflow in User ID handling (bsc#1239749)
Other fixes:
- Update to containerd v1.7.27.
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
containerd-1.7.27-16.100.1
containerd-ctr-1.7.27-16.100.1
containerd-devel-1.7.27-16.100.1
Ссылки
- Link for SUSE-SU-2025:1346-1
- E-Mail link for SUSE-SU-2025:1346-1
- SUSE Security Ratings
- SUSE Bug 1239749
- SUSE CVE CVE-2024-40635 page
Описание
containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.27-16.100.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.27-16.100.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.27-16.100.1
Ссылки
- CVE-2024-40635
- SUSE Bug 1239749