Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 41: Critical Advisory for containerd Update v1.7.29 Threats

fedora
Calendar Grey November 15, 2025
Dist Fedora Esm H88
Update to containerd v1.7.29 for Fedora 41 addresses critical issues and enhances container runtime reliability.
Update to v1.7.29

Summary

Containerd is an industry-standard container runtime with an emphasis on

simplicity, robustness and portability. It is available as a daemon for Linux

and Windows, which can manage the complete container lifecycle of its host

system: image transfer and storage, container execution and supervision,

low-level storage and network attachments, etc.

Update Information:

Update to v1.7.29

Topics%20covered

Topics Covered

security advisory fedora update remote code execution CVE containerd

Change Log

* Thu Nov 6 2025 Bradley G Smith - 1.7.29-1 - Update to v1.7.29 - Resolves: GHSA-pwhc-rpq9-4c8w (CVE-2024-25621) - Resolves: GHSA-m6hq-p25p-ffr2 - Resolves: rhbz#2352144, rhbz#2398401, rhbz#2407587, rhbz#2408565 - Resolves: rhbz#2409042, rhbz#2409990, rhbz#2410922, rhbz#2412519 - Upstream fixes * Sat Jul 26 2025 Bradley G Smith - 1.7.28-1 - Update to release v1.7.28 - Resolves: rhbz#2352144 - Upstream fixes

References


[ 1 ] Bug #2352144 - CVE-2025-22870 containerd: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2352144 [ 2 ] Bug #2398401 - CVE-2025-47910 containerd: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398401 [ 3 ] Bug #2407587 - CVE-2025-58189 containerd: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407587 [ 4 ] Bug #2408565 - CVE-2025-61725 containerd: Excessive CPU consumption in ParseAddress in net/mail [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2408565 [ 5 ] Bug #2409042 - CVE-2025-61723 containerd: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409042 [ 6 ] Bug #2409990 - CVE-2025-58185 containerd: Parsing DER payload can ca...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-80ed98504b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: containerd
Product: Fedora 41
Version: 1.7.29
Release: 1.fc41
URL: https://github.com/containerd/containerd
Summary: An open and reliable container runtime

Topics%20covered

Topics Covered

security advisory fedora update remote code execution CVE containerd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here