Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Ubuntu 20.10 & 20.04 LTS USN-4881-1 Moderate: Containerd Data Exposure

ubuntu
Calendar Grey March 17, 2021
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-4881-1 addresses a vulnerability within containerd that may lead to potential data leaks; prompt updates are advised.
The system could be made to expose sensitive information.

Summary

The system could be made to expose sensitive information.

Software Description:

- containerd: daemon to control runC

Details:

It was discovered that containerd incorrectly handled certain environment

variables. Contrary to expectations, a container could receive environment

variables defined for a different container, possibly containing sensitive

information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  containerd                      1.3.7-0ubuntu3.3

Ubuntu 20.04 LTS:
  containerd                      1.3.3-0ubuntu2.3

After a standard system update you need to restart containerd to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4881-1

CVE-2021-21334

March 17, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.