Explore top 10 tips to secure your open-source projects now. Read More
×
containerd would allow unintended access to files.
Software Description:
- containerd: daemon to control runC
Details:
It was discovered that containerd insufficiently restricted permissions on
container root and plugin directories. If a user or automated system were
tricked into launching a specially crafted container image, a remote
attacker could traverse directory contents and modify files and execute
programs on the host filesystem, possibly leading to privilege escalation.
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: containerd 1.5.2-0ubuntu1~21.04.3 Ubuntu 20.04 LTS: containerd 1.5.2-0ubuntu1~20.04.3 Ubuntu 18.04 LTS: containerd 1.5.2-0ubuntu1~18.04.3 After a standard system update you need to restart containerd to make all the necessary changes.
https://ubuntu.com/security/notices/USN-5100-1
CVE-2021-41103
Get the latest Linux and open source security news straight to your inbox.