CVE-2025-64329

Medium CVSS: 6.9

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.

Vendor

Linuxfoundation

Product

Containerd

CWE

CWE-401

Yayın Tarihi

2025-11-07 05:16:08

Güncelleme

2025-12-31 18:34:48

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-401 Containerd MEDIUM Linuxfoundation 2025

Referanslar

https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2

Benzer Kayıtlar

Critical

CVE-2026-33701

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. I…

Medium

CVE-2026-33015

EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop…

High

CVE-2026-33009

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memo…

Medium

CVE-2026-33014

EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorizat…

Medium

CVE-2026-27815

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup cop…

Medium

CVE-2026-27816

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_update_energy_tra…