Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-25621 (GCVE-0-2024-25621)
Vulnerability from cvelistv5 – Published: 2025-11-06 18:36 – Updated: 2025-11-06 19:35
VLAI?
EPSS
Summary
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.
Severity ?
7.3 (High)
CWE
- CWE-279 - Incorrect Execution-Assigned Permissions
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| containerd | containerd |
Affected:
< 1.7.29
Affected: >= 2.0.0-beta.0, < 2.0.7 Affected: >= 2.1.0-beta.0, < 2.1.5 Affected: >= 2.2.0-beta.0, < 2.2.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T19:34:44.710425Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T19:35:13.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "containerd",
"vendor": "containerd",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.29"
},
{
"status": "affected",
"version": "\u003e= 2.0.0-beta.0, \u003c 2.0.7"
},
{
"status": "affected",
"version": "\u003e= 2.1.0-beta.0, \u003c 2.1.5"
},
{
"status": "affected",
"version": "\u003e= 2.2.0-beta.0, \u003c 2.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-279",
"description": "CWE-279: Incorrect Execution-Assigned Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T18:36:21.566Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
},
{
"name": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"name": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
}
],
"source": {
"advisory": "GHSA-pwhc-rpq9-4c8w",
"discovery": "UNKNOWN"
},
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25621",
"datePublished": "2025-11-06T18:36:21.566Z",
"dateReserved": "2024-02-08T22:26:33.511Z",
"dateUpdated": "2025-11-06T19:35:13.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-25621\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-11-06T19:15:40.090\",\"lastModified\":\"2025-11-06T19:45:09.883\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-279\"}]}],\"references\":[{\"url\":\"https://github.com/containerd/containerd/blob/main/docs/rootless.md\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-25621\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-06T19:34:44.710425Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-06T19:35:07.716Z\"}}], \"cna\": {\"title\": \"containerd affected by a local privilege escalation via wide permissions on CRI directory\", \"source\": {\"advisory\": \"GHSA-pwhc-rpq9-4c8w\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"containerd\", \"product\": \"containerd\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.7.29\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.0.0-beta.0, \u003c 2.0.7\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.1.0-beta.0, \u003c 2.1.5\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.2.0-beta.0, \u003c 2.2.0\"}]}], \"references\": [{\"url\": \"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\", \"name\": \"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\", \"name\": \"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/containerd/containerd/blob/main/docs/rootless.md\", \"name\": \"https://github.com/containerd/containerd/blob/main/docs/rootless.md\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-279\", \"description\": \"CWE-279: Incorrect Execution-Assigned Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-11-06T18:36:21.566Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-25621\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T19:35:13.415Z\", \"dateReserved\": \"2024-02-08T22:26:33.511Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-11-06T18:36:21.566Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2025:15726-1
Vulnerability from csaf_opensuse - Published: 2025-11-11 00:00 - Updated: 2025-11-11 00:00Summary
containerd-1.7.29-1.1 on GA media
Notes
Title of the patch
containerd-1.7.29-1.1 on GA media
Description of the patch
These are all security issues fixed in the containerd-1.7.29-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15726
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "containerd-1.7.29-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the containerd-1.7.29-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15726",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15726-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "containerd-1.7.29-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-11T00:00:00Z",
"generator": {
"date": "2025-11-11T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15726-1",
"initial_release_date": "2025-11-11T00:00:00Z",
"revision_history": [
{
"date": "2025-11-11T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-1.7.29-1.1.aarch64",
"product_id": "containerd-1.7.29-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-ctr-1.7.29-1.1.aarch64",
"product_id": "containerd-ctr-1.7.29-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-devel-1.7.29-1.1.aarch64",
"product_id": "containerd-devel-1.7.29-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-1.7.29-1.1.ppc64le",
"product_id": "containerd-1.7.29-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-ctr-1.7.29-1.1.ppc64le",
"product_id": "containerd-ctr-1.7.29-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-devel-1.7.29-1.1.ppc64le",
"product_id": "containerd-devel-1.7.29-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.s390x",
"product": {
"name": "containerd-1.7.29-1.1.s390x",
"product_id": "containerd-1.7.29-1.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.s390x",
"product": {
"name": "containerd-ctr-1.7.29-1.1.s390x",
"product_id": "containerd-ctr-1.7.29-1.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.s390x",
"product": {
"name": "containerd-devel-1.7.29-1.1.s390x",
"product_id": "containerd-devel-1.7.29-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-1.7.29-1.1.x86_64",
"product_id": "containerd-1.7.29-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-ctr-1.7.29-1.1.x86_64",
"product_id": "containerd-ctr-1.7.29-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-devel-1.7.29-1.1.x86_64",
"product_id": "containerd-devel-1.7.29-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x"
},
"product_reference": "containerd-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-11T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-11T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
CERTFR-2025-AVI-1036
Vulnerability from certfr_avis - Published: 2025-11-24 - Updated: 2025-11-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à 2.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.126.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Platform Services | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Metric Store versions antérieures à 1.8.1 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu | VMware Tanzu pour Postgres on Tanzu Platform versions antérieures à 10.2.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Windows) versions antérieures à 2019.92.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.954.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "App Metrics versions ant\u00e9rieures \u00e0 2.3.2",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.126.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Platform Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Metric Store versions ant\u00e9rieures \u00e0 1.8.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Postgres on Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Windows) versions ant\u00e9rieures \u00e0 2019.92.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-13425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13425"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-59530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59530"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5981"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-24T00:00:00",
"last_revision_date": "2025-11-24T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1036",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36513",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36513"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36530",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36530"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36512",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36512"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36526",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36526"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36511",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36511"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36525",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36525"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36516",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36516"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36527",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36527"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36536",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36536"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36519",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36519"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36518",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36518"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36524",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36524"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36521",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36521"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36528",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36528"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36522",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36522"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36514",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36514"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36532",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36532"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36509",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36509"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36517",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36517"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36533",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36533"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36537",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36537"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36531",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36531"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36510",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36510"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36523",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36523"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36515",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36515"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36529",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36529"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36534",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36534"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36535",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36535"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36520",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36520"
}
]
}
CERTFR-2025-AVI-1036
Vulnerability from certfr_avis - Published: 2025-11-24 - Updated: 2025-11-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à 2.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.126.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Platform Services | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 6.0.22 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Metric Store versions antérieures à 1.8.1 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu | VMware Tanzu pour Postgres on Tanzu Platform versions antérieures à 10.2.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.954.x | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Windows) versions antérieures à 2019.92.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.3.1 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.954.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "App Metrics versions ant\u00e9rieures \u00e0 2.3.2",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.126.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Platform Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.22",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Metric Store versions ant\u00e9rieures \u00e0 1.8.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Postgres on Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Windows) versions ant\u00e9rieures \u00e0 2019.92.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-13425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13425"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-59530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59530"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5981"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-24T00:00:00",
"last_revision_date": "2025-11-24T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1036",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36513",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36513"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36530",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36530"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36512",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36512"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36526",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36526"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36511",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36511"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36525",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36525"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36516",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36516"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36527",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36527"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36536",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36536"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36519",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36519"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36518",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36518"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36524",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36524"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36521",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36521"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36528",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36528"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36522",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36522"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36514",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36514"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36532",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36532"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36509",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36509"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36517",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36517"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36533",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36533"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36537",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36537"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36531",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36531"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36510",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36510"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36523",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36523"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36515",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36515"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36529",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36529"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36534",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36534"
},
{
"published_at": "2025-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36535",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36535"
},
{
"published_at": "2025-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36520",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36520"
}
]
}
MSRC_CVE-2024-25621
Vulnerability from csaf_microsoft - Published: 2025-11-02 00:00 - Updated: 2025-11-19 01:52Summary
containerd affected by a local privilege escalation via wide permissions on CRI directory
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-25621.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory",
"tracking": {
"current_release_date": "2025-11-19T01:52:07.000Z",
"generator": {
"date": "2025-12-03T22:59:15.056Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-25621",
"initial_release_date": "2025-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-11-08T01:08:33.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-11-19T01:52:07.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 moby-containerd 1.6.26-12",
"product": {
"name": "\u003ccbl2 moby-containerd 1.6.26-12",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 moby-containerd 1.6.26-12",
"product": {
"name": "cbl2 moby-containerd 1.6.26-12",
"product_id": "20657"
}
}
],
"category": "product_name",
"name": "moby-containerd"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9",
"product": {
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 moby-containerd-cc 1.7.7-9",
"product": {
"name": "azl3 moby-containerd-cc 1.7.7-9",
"product_id": "17461"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12",
"product": {
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 moby-containerd-cc 1.7.7-12",
"product": {
"name": "cbl2 moby-containerd-cc 1.7.7-12",
"product_id": "20658"
}
}
],
"category": "product_name",
"name": "moby-containerd-cc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 containerd2 2.0.0-14",
"product": {
"name": "\u003cazl3 containerd2 2.0.0-14",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 containerd2 2.0.0-14",
"product": {
"name": "azl3 containerd2 2.0.0-14",
"product_id": "20654"
}
}
],
"category": "product_name",
"name": "containerd2"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 moby-containerd 1.6.26-12 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 moby-containerd 1.6.26-12 as a component of CBL Mariner 2.0",
"product_id": "20657-17086"
},
"product_reference": "20657",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 moby-containerd-cc 1.7.7-9 as a component of Azure Linux 3.0",
"product_id": "17461-17084"
},
"product_reference": "17461",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 containerd2 2.0.0-14 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 containerd2 2.0.0-14 as a component of Azure Linux 3.0",
"product_id": "20654-17084"
},
"product_reference": "20654",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 moby-containerd-cc 1.7.7-12 as a component of CBL Mariner 2.0",
"product_id": "20658-17086"
},
"product_reference": "20658",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20657-17086",
"17461-17084",
"20654-17084",
"20658-17086"
],
"known_affected": [
"17086-2",
"17084-4",
"17084-3",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-25621.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.6.26-13:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.7.7-10:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "2.0.0-15:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.7.7-13:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-2",
"17084-4",
"17084-3",
"17086-1"
]
}
],
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory"
}
]
}
SUSE-SU-2025:4072-1
Vulnerability from csaf_suse - Published: 2025-11-12 10:33 - Updated: 2025-11-12 10:33Summary
Security update for containerd
Notes
Title of the patch
Security update for containerd
Description of the patch
This update for containerd fixes the following issues:
- Update to containerd v1.7.29
- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)
- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)
Patchnames
SUSE-2025-4072,SUSE-SLE-SERVER-12-SP5-LTSS-2025-4072,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4072
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues:\n\n- Update to containerd v1.7.29\n- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)\n- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4072,SUSE-SLE-SERVER-12-SP5-LTSS-2025-4072,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4072",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4072-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4072-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254072-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4072-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023266.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253126",
"url": "https://bugzilla.suse.com/1253126"
},
{
"category": "self",
"summary": "SUSE Bug 1253132",
"url": "https://bugzilla.suse.com/1253132"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2025-11-12T10:33:38Z",
"generator": {
"date": "2025-11-12T10:33:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4072-1",
"initial_release_date": "2025-11-12T10:33:38Z",
"revision_history": [
{
"date": "2025-11-12T10:33:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-16.105.1.aarch64",
"product": {
"name": "containerd-1.7.29-16.105.1.aarch64",
"product_id": "containerd-1.7.29-16.105.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-16.105.1.aarch64",
"product": {
"name": "containerd-ctr-1.7.29-16.105.1.aarch64",
"product_id": "containerd-ctr-1.7.29-16.105.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-16.105.1.aarch64",
"product": {
"name": "containerd-devel-1.7.29-16.105.1.aarch64",
"product_id": "containerd-devel-1.7.29-16.105.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-16.105.1.i586",
"product": {
"name": "containerd-1.7.29-16.105.1.i586",
"product_id": "containerd-1.7.29-16.105.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-16.105.1.i586",
"product": {
"name": "containerd-ctr-1.7.29-16.105.1.i586",
"product_id": "containerd-ctr-1.7.29-16.105.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-16.105.1.i586",
"product": {
"name": "containerd-devel-1.7.29-16.105.1.i586",
"product_id": "containerd-devel-1.7.29-16.105.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-16.105.1.ppc64le",
"product": {
"name": "containerd-1.7.29-16.105.1.ppc64le",
"product_id": "containerd-1.7.29-16.105.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-16.105.1.ppc64le",
"product": {
"name": "containerd-ctr-1.7.29-16.105.1.ppc64le",
"product_id": "containerd-ctr-1.7.29-16.105.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-16.105.1.ppc64le",
"product": {
"name": "containerd-devel-1.7.29-16.105.1.ppc64le",
"product_id": "containerd-devel-1.7.29-16.105.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-16.105.1.s390x",
"product": {
"name": "containerd-1.7.29-16.105.1.s390x",
"product_id": "containerd-1.7.29-16.105.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-16.105.1.s390x",
"product": {
"name": "containerd-ctr-1.7.29-16.105.1.s390x",
"product_id": "containerd-ctr-1.7.29-16.105.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-16.105.1.s390x",
"product": {
"name": "containerd-devel-1.7.29-16.105.1.s390x",
"product_id": "containerd-devel-1.7.29-16.105.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-16.105.1.x86_64",
"product": {
"name": "containerd-1.7.29-16.105.1.x86_64",
"product_id": "containerd-1.7.29-16.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-16.105.1.x86_64",
"product": {
"name": "containerd-ctr-1.7.29-16.105.1.x86_64",
"product_id": "containerd-ctr-1.7.29-16.105.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-16.105.1.x86_64",
"product": {
"name": "containerd-devel-1.7.29-16.105.1.x86_64",
"product_id": "containerd-devel-1.7.29-16.105.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-16.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64"
},
"product_reference": "containerd-1.7.29-16.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-16.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le"
},
"product_reference": "containerd-1.7.29-16.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-16.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x"
},
"product_reference": "containerd-1.7.29-16.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-16.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-16.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-16.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-16.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-16.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-16.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-16.105.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-16.105.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-16.105.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-16.105.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-16.105.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-16.105.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-16.105.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-16.105.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T10:33:38Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:containerd-devel-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-ctr-1.7.29-16.105.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:containerd-devel-1.7.29-16.105.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T10:33:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
SUSE-SU-2025:4288-1
Vulnerability from csaf_suse - Published: 2025-11-28 08:25 - Updated: 2025-11-28 08:25Summary
Security update for containerd
Notes
Title of the patch
Security update for containerd
Description of the patch
This update for containerd fixes the following issues:
- Update to containerd v1.7.29
- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)
- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)
Patchnames
SUSE-2025-4288,SUSE-SLE-Micro-5.3-2025-4288,SUSE-SLE-Micro-5.4-2025-4288,SUSE-SLE-Micro-5.5-2025-4288,SUSE-SLE-Module-Basesystem-15-SP7-2025-4288,SUSE-SLE-Module-Containers-15-SP6-2025-4288,SUSE-SLE-Module-Containers-15-SP7-2025-4288,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4288,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4288,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4288,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4288,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4288,SUSE-SUSE-MicroOS-5.2-2025-4288,SUSE-Storage-7.1-2025-4288,openSUSE-SLE-15.6-2025-4288
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues:\n\n- Update to containerd v1.7.29\n- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)\n- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4288,SUSE-SLE-Micro-5.3-2025-4288,SUSE-SLE-Micro-5.4-2025-4288,SUSE-SLE-Micro-5.5-2025-4288,SUSE-SLE-Module-Basesystem-15-SP7-2025-4288,SUSE-SLE-Module-Containers-15-SP6-2025-4288,SUSE-SLE-Module-Containers-15-SP7-2025-4288,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4288,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4288,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4288,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4288,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4288,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4288,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4288,SUSE-SUSE-MicroOS-5.2-2025-4288,SUSE-Storage-7.1-2025-4288,openSUSE-SLE-15.6-2025-4288",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4288-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4288-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254288-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4288-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023426.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253126",
"url": "https://bugzilla.suse.com/1253126"
},
{
"category": "self",
"summary": "SUSE Bug 1253132",
"url": "https://bugzilla.suse.com/1253132"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2025-11-28T08:25:49Z",
"generator": {
"date": "2025-11-28T08:25:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4288-1",
"initial_release_date": "2025-11-28T08:25:49Z",
"revision_history": [
{
"date": "2025-11-28T08:25:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-150000.128.1.aarch64",
"product": {
"name": "containerd-1.7.29-150000.128.1.aarch64",
"product_id": "containerd-1.7.29-150000.128.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"product": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"product_id": "containerd-ctr-1.7.29-150000.128.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-150000.128.1.aarch64",
"product": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64",
"product_id": "containerd-devel-1.7.29-150000.128.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-150000.128.1.i586",
"product": {
"name": "containerd-1.7.29-150000.128.1.i586",
"product_id": "containerd-1.7.29-150000.128.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-150000.128.1.i586",
"product": {
"name": "containerd-ctr-1.7.29-150000.128.1.i586",
"product_id": "containerd-ctr-1.7.29-150000.128.1.i586"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-150000.128.1.i586",
"product": {
"name": "containerd-devel-1.7.29-150000.128.1.i586",
"product_id": "containerd-devel-1.7.29-150000.128.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-150000.128.1.ppc64le",
"product": {
"name": "containerd-1.7.29-150000.128.1.ppc64le",
"product_id": "containerd-1.7.29-150000.128.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"product": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"product_id": "containerd-ctr-1.7.29-150000.128.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"product": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"product_id": "containerd-devel-1.7.29-150000.128.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-150000.128.1.s390x",
"product": {
"name": "containerd-1.7.29-150000.128.1.s390x",
"product_id": "containerd-1.7.29-150000.128.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-150000.128.1.s390x",
"product": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x",
"product_id": "containerd-ctr-1.7.29-150000.128.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-150000.128.1.s390x",
"product": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x",
"product_id": "containerd-devel-1.7.29-150000.128.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-150000.128.1.x86_64",
"product": {
"name": "containerd-1.7.29-150000.128.1.x86_64",
"product_id": "containerd-1.7.29-150000.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"product": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"product_id": "containerd-ctr-1.7.29-150000.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-150000.128.1.x86_64",
"product": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64",
"product_id": "containerd-devel-1.7.29-150000.128.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-150000.128.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-150000.128.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-150000.128.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-150000.128.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:25:49Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Enterprise Storage 7.1:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.2:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Micro 5.5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:containerd-devel-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-ctr-1.7.29-150000.128.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:containerd-devel-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-ctr-1.7.29-150000.128.1.x86_64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.aarch64",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.ppc64le",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.s390x",
"openSUSE Leap 15.6:containerd-devel-1.7.29-150000.128.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:25:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
SUSE-SU-2025:21057-1
Vulnerability from csaf_suse - Published: 2025-11-14 10:08 - Updated: 2025-11-14 10:08Summary
Security update for containerd
Notes
Title of the patch
Security update for containerd
Description of the patch
This update for containerd fixes the following issues:
- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).
- CVE-2025-64329: Fixed goroutine leaks can lead to memory exhaustion on the host (bsc#1253132).
Patchnames
SUSE-SLE-Micro-6.1-336
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues:\n\n- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).\n- CVE-2025-64329: Fixed goroutine leaks can lead to memory exhaustion on the host (bsc#1253132).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-336",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21057-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21057-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521057-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21057-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023418.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253126",
"url": "https://bugzilla.suse.com/1253126"
},
{
"category": "self",
"summary": "SUSE Bug 1253132",
"url": "https://bugzilla.suse.com/1253132"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2025-11-14T10:08:48Z",
"generator": {
"date": "2025-11-14T10:08:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21057-1",
"initial_release_date": "2025-11-14T10:08:48Z",
"revision_history": [
{
"date": "2025-11-14T10:08:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_1.1.aarch64",
"product": {
"name": "containerd-1.7.29-slfo.1.1_1.1.aarch64",
"product_id": "containerd-1.7.29-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"product": {
"name": "containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"product_id": "containerd-1.7.29-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_1.1.s390x",
"product": {
"name": "containerd-1.7.29-slfo.1.1_1.1.s390x",
"product_id": "containerd-1.7.29-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_1.1.x86_64",
"product": {
"name": "containerd-1.7.29-slfo.1.1_1.1.x86_64",
"product_id": "containerd-1.7.29-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64"
},
"product_reference": "containerd-1.7.29-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le"
},
"product_reference": "containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x"
},
"product_reference": "containerd-1.7.29-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
},
"product_reference": "containerd-1.7.29-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T10:08:48Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T10:08:48Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
SUSE-SU-2025:21042-1
Vulnerability from csaf_suse - Published: 2025-11-14 08:36 - Updated: 2025-11-14 08:36Summary
Security update for containerd
Notes
Title of the patch
Security update for containerd
Description of the patch
This update for containerd fixes the following issues:
Update to containerd v1.7.29:
- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).
- CVE-2025-64329: Fixed goroutine leaks that could have led to memory exhaustion on the host (bsc#1253132).
Patchnames
SUSE-SLE-Micro-6.0-517
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues:\n\nUpdate to containerd v1.7.29:\n\n- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).\n- CVE-2025-64329: Fixed goroutine leaks that could have led to memory exhaustion on the host (bsc#1253132).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-517",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21042-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21042-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521042-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21042-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023393.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253126",
"url": "https://bugzilla.suse.com/1253126"
},
{
"category": "self",
"summary": "SUSE Bug 1253132",
"url": "https://bugzilla.suse.com/1253132"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2025-11-14T08:36:43Z",
"generator": {
"date": "2025-11-14T08:36:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21042-1",
"initial_release_date": "2025-11-14T08:36:43Z",
"revision_history": [
{
"date": "2025-11-14T08:36:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-1.7.29-1.1.aarch64",
"product_id": "containerd-1.7.29-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.s390x",
"product": {
"name": "containerd-1.7.29-1.1.s390x",
"product_id": "containerd-1.7.29-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-1.7.29-1.1.x86_64",
"product_id": "containerd-1.7.29-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-1.7.29-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x"
},
"product_reference": "containerd-1.7.29-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-1.7.29-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T08:36:43Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T08:36:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
GHSA-PWHC-RPQ9-4C8W
Vulnerability from github – Published: 2025-11-06 15:12 – Updated: 2025-11-06 23:12
VLAI?
Summary
containerd affected by a local privilege escalation via wide permissions on CRI directory
Details
Impact
An overly broad default permission vulnerability was found in containerd.
/var/lib/containerdwas created with the permission bits 0o711, while it should be created with 0o700- Allowed local users on the host to potentially access the metadata store and the content store
/run/containerd/io.containerd.grpc.v1.criwas created with 0o755, while it should be created with 0o700- Allowed local users on the host to potentially access the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
/run/containerd/io.containerd.sandbox.controller.v1.shimwas created with 0o711, while it should be created with 0o700
The directory paths may differ depending on the daemon configuration.
When the temp directory path is specified in the daemon configuration, that directory was also created with 0o711, while it should be created with 0o700.
Patches
This bug has been fixed in the following containerd versions:
- 2.2.0
- 2.1.5
- 2.0.7
- 1.7.29
Users should update to these versions to resolve the issue. These updates automatically change the permissions of the existing directories.
[!NOTE]
/run/containerdand/run/containerd/io.containerd.runtime.v2.taskare still created with 0o711. This is an expected behavior for supporting userns-remapped containers.
Workarounds
The system administrator on the host can manually chmod the directories to not have group or world accessible permisisons:
chmod 700 /var/lib/containerd
chmod 700 /run/containerd/io.containerd.grpc.v1.cri
chmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim
An alternative mitigation would be to run containerd in rootless mode.
Credits
The containerd project would like to thank David Leadbeater for responsibly disclosing this issue in accordance with the containerd security policy.
For more information
If you have any questions or comments about this advisory:
- Open an issue in containerd
- Email us at security@containerd.io
To report a security issue in containerd:
Severity ?
7.3 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.1.0-beta.0"
},
{
"fixed": "2.1.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0-beta.0"
},
{
"fixed": "2.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-25621"
],
"database_specific": {
"cwe_ids": [
"CWE-279"
],
"github_reviewed": true,
"github_reviewed_at": "2025-11-06T15:12:08Z",
"nvd_published_at": "2025-11-06T19:15:40Z",
"severity": "HIGH"
},
"details": "### Impact\n\nAn overly broad default permission vulnerability was found in containerd.\n\n- `/var/lib/containerd` was created with the permission bits 0o711, while it should be created with 0o700\n - Allowed local users on the host to potentially access the metadata store and the content store\n- `/run/containerd/io.containerd.grpc.v1.cri` was created with 0o755, while it should be created with 0o700\n - Allowed local users on the host to potentially access the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.\n- `/run/containerd/io.containerd.sandbox.controller.v1.shim` was created with 0o711, while it should be created with 0o700\n\nThe directory paths may differ depending on the daemon configuration.\nWhen the `temp` directory path is specified in the daemon configuration, that directory was also created with 0o711, while it should be created with 0o700.\n\n### Patches\n\nThis bug has been fixed in the following containerd versions:\n\n* 2.2.0\n* 2.1.5\n* 2.0.7\n* 1.7.29\n\nUsers should update to these versions to resolve the issue.\nThese updates automatically change the permissions of the existing directories.\n\n\u003e [!NOTE]\n\u003e\n\u003e `/run/containerd` and `/run/containerd/io.containerd.runtime.v2.task` are still created with 0o711.\n\u003e This is an expected behavior for supporting userns-remapped containers.\n\n### Workarounds\n\nThe system administrator on the host can manually chmod the directories to not \nhave group or world accessible permisisons:\n\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\n\nAn alternative mitigation would be to run containerd in [rootless mode](https://github.com/containerd/containerd/blob/main/docs/rootless.md).\n\n### Credits\n\nThe containerd project would like to thank David Leadbeater for responsibly disclosing this issue in accordance with the [containerd security policy](https://github.com/containerd/project/blob/main/SECURITY.md).\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at [security@containerd.io](mailto:security@containerd.io)\n\nTo report a security issue in containerd:\n\n* [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new)",
"id": "GHSA-pwhc-rpq9-4c8w",
"modified": "2025-11-06T23:12:26Z",
"published": "2025-11-06T15:12:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"type": "PACKAGE",
"url": "https://github.com/containerd/containerd"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "containerd affected by a local privilege escalation via wide permissions on CRI directory"
}
FKIE_CVE-2024-25621
Vulnerability from fkie_nvd - Published: 2025-11-06 19:15 - Updated: 2025-11-06 19:45
Severity ?
Summary
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/containerd/containerd/blob/main/docs/rootless.md | ||
| security-advisories@github.com | https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5 | ||
| security-advisories@github.com | https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode."
}
],
"id": "CVE-2024-25621",
"lastModified": "2025-11-06T19:45:09.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T19:15:40.090",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-279"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
GSD-2024-25621
Vulnerability from gsd - Updated: 2024-02-09 06:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-25621"
],
"id": "GSD-2024-25621",
"modified": "2024-02-09T06:02:34.345928Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-25621",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…