CVE-2022-31030

Published: 09/06/2022 Updated: 31/01/2024
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

It was discovered that containerd incorrectly handled access to encrypted container images when using the imgcrypt library. A remote attacker could possibly use this issue to access encrypted images from other users. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24778)

Vulnerable Product

linuxfoundation containerd

debian debian linux 11.0

fedoraproject fedora 35

fedoraproject fedora 36

Vendor Advisories

Several security issues were fixed in containerd ...
Two vulnerabilities were discovered in the containerd container runtime, which could result in denial of service or incomplete restriction of capabilities. For the stable distribution (bullseye), these problems have been fixed in version 1.4.13~ds1-1~deb11u2. We recommend that you upgrade your containerd packages. For the detailed security status o ...
A bug was found in containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory on the computer, denying service to other legitimate workloads. Kubernetes and crictl can both be config ...
programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API and cause containerd to consume all available memory on the computer ...
A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose pot ...