Debian Security Advisory
DSA-5091-1 containerd -- security update
- Date Reported:
- 06 Mar 2022
- Affected Packages:
- containerd
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2022-23648.
- More information:
-
Felix Wilhelm discovered that the containerd container runtime was susceptible to information disclosure via malformed container images.
For the stable distribution (bullseye), this problem has been fixed in version 1.4.13~ds1-1~deb11u1.
We recommend that you upgrade your containerd packages.
For the detailed security status of containerd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/containerd