CNNVD-202511-819 Information

CNNVD ID

CNNVD-202511-819

CVE-2025-64329

  • CNNVD Published: 2025-11-07

Description (Chinese)

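containerd is an industry-standard container runtime open-sourced by containerd. A security vulnerability exists in containerd 1.7.28 and earlier, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1. The vulnerability stems from a goroutine leak in the CRI Attach implementation, which can lead to host memory exhaustion.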

Description (English)

containerd is an open source, industry-standard container runtime. containerd versions 1.7.28 and earlier, 2.0.0-beta.0 to 2.0.6, 2.1.0-beta.0 to 2.1.4 and 2.2.0-beta.0 to 2.2.0-rc.1 contain a security vulnerability caused by a goroutine leak in the CRI Attach implementation, which may exhaust the host's memory.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

containerd

Published

2025-11-07

Last Modified

2026-02-24

References

  • https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df
  • https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2
  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64329
  • https://vigilance.fr/vulnerability/containerd-memory-leak-via-CRI-Attach-48739

Patch

https://github.com/containerd/containerd/releases
