CNNVD-202511-521 Information
CNNVD ID
CNNVD-202511-521
Related CVE
- CNNVD Published: 2025-11-06
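Description (Chinese, translated)
containerd is an industry-standard container runtime open-sourced by containerd. containerd versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a security vulnerability. The vulnerability stems from improper permission settings on the directory paths /var/lib/containerd, /run/containerd/io.containerd.grpc.v1.cri and /run/containerd/io.containerd.sandbox.controller.v1.shim.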
Description (English)
containerd is an industry-standard container runtime, open-sourced by the containerd project. Versions 0.1.0 to 1.7.28, 2.0.0-beta.0 to 2.0.6, 2.1.0-beta.0 to 2.1.4, and 2.2.0-beta.0 to 2.2.0-rc.1 contain a security vulnerability stemming from improper permission settings on the directory paths /var/lib/containerd, /run/containerd/io.containerd.grpc.v1.cri and /run/containerd/io.containerd.sandbox.controller.v1.shim.
Hazard Level
Medium
Vulnerability Type
Other
Affected Vendor
containerd
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/containerd/containerd/blob/main/docs/rootless.md
https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5
https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w
https://vigilance.fr/vulnerability/containerd-read-write-access-via-Directory-Permissions-48738
https://access.redhat.com/security/cve/cve-2024-25621
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-25621
Patch
https://containerd.io/downloads/