[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-16 Thread Launchpad Bug Tracker
This bug was fixed in the package containerd - 1.5.9-0ubuntu1~20.04.4 --- containerd (1.5.9-0ubuntu1~20.04.4) focal-security; urgency=medium * SECURITY UPDATE: Insecure handling of image volumes - debian/patches/CVE-2022-23648.patch: Use fs.RootPath when mounting volumes. (L

[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-16 Thread Launchpad Bug Tracker
This bug was fixed in the package containerd - 1.5.9-0ubuntu1~21.10.3 --- containerd (1.5.9-0ubuntu1~21.10.3) impish-security; urgency=medium * SECURITY UPDATE: Insecure handling of image volumes - debian/patches/CVE-2022-23648.patch: Use fs.RootPath when mounting volumes. (

[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-12 Thread Paulo Flabiano Smorigo
** Changed in: containerd (Ubuntu) Assignee: (unassigned) => Paulo Flabiano Smorigo (pfsmorigo) ** Changed in: containerd (Ubuntu Focal) Assignee: (unassigned) => Paulo Flabiano Smorigo (pfsmorigo) ** Changed in: containerd (Ubuntu Impish) Assignee: (unassigned) => Paulo Flabiano S

[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-11 Thread Kevin R
** Description changed: Hi, CVE-2022-23648 allows leaking files on the host inside containers given an attacker-crafted image if you use containerd's CRI implementation (e.g. Kubernetes). Ubuntu fixed this in `1.5.5-0ubuntu3~20.04.2` on focal, as noted in [this security advisory](ht

[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-11 Thread Seth Arnold
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973054 Title: containerd regression for CVE-2022-23648 in latest version 1.5.9-0