Ubuntu 26.04 containerd Denial of Service Arbitrary Code Exec USN-8471-1

ubuntu

June 25, 2026

Several security issues were fixed in containerd.

Summary

Several security issues were fixed in containerd.

Software Description:

- containerd: open and reliable container runtime library

Details:

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS

frames. A remote attacker could possibly use this issue to cause containerd

to enter an infinite loop, resulting in a denial of service. This issue

only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and

Ubuntu 22.04 LTS. (CVE-2026-33814)

Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly

handled group parsing when creating containers from images. An attacker

could possibly use this issue to cause containerd to consume excessive

memory, resulting in a denial of service. (CVE-2026-47262)

Robert Prast discovered that containerd incorrectly propagated labels

from image configurations to containers. An attacker could possibly use

this issue to execute arbitrary code on the host. This issue only affected

Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubun...

Read the Full Advisory

Topics Covered

security advisory denial of service critical Ubuntu CVE containerd

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  golang-github-containerd-containerd-api-dev  1.7.24~ds1-10ubuntu1+esm1
                                  Available with Ubuntu Pro
  golang-github-containerd-containerd-dev  1.7.24~ds1-10ubuntu1+esm1
                                  Available with Ubuntu Pro

Ubuntu 24.04 LTS
  golang-github-containerd-containerd-dev  1.6.24~ds1-1ubuntu1.3+esm3
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  golang-github-containerd-containerd-dev  1.6.12-0ubuntu1~22.04.11

Ubuntu 20.04 LTS
  golang-github-containerd-containerd-dev  1.6.12-0ubuntu1~20.04.8+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  containerd                      1.6.12-0ubuntu1~18.04.1+esm4
                                  Available with Ubuntu Pro
  golang-github-containerd-containerd-dev  1.6.12-0ubuntu1~18.04.1+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  containerd                      1.2.6-0ubuntu1~16.04.6+esm7
                                  Available with Ubuntu Pro
  golang-github-docker-containerd-dev  1.2.6-0ubuntu1~16.04.6+esm7
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8471-1

CVE-2026-33814, CVE-2026-47262, CVE-2026-53488

Severity

critical

Lowest

Low

Medium

High

Critical

Ubuntu Security Notice USN-8471-1

Topics Covered

security advisory denial of service critical Ubuntu CVE containerd

Package Information

https://launchpad.net/ubuntu/+source/containerd/1.6.12-0ubuntu1~22.04.11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Ubuntu 26.04 containerd Denial of Service Arbitrary Code Exec USN-8471-1

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Ubuntu 26.04 containerd Denial of Service Arbitrary Code Exec USN-8471-1

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!