USN-7983-1

Details

David Leadbeater discovered that containerd incorrectly set certain directory path permissions. An attacker could possibly use this issue to achieve unauthorised access to the files. (CVE-2024-25621)

It was discovered that containerd did not properly handle the execution of the goroutine of container attach. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-64329)

Affected Packages

containerd

Ubuntu 22.04 LTS

Fixed in:

1.6.12-0ubuntu1~22.04.10

containerd-app

Ubuntu 24.04 LTS

Fixed in:

1.7.28-0ubuntu1~24.04.2

containerd

Ubuntu 25.10

Fixed in:

1.7.24~ds1-8ubuntu1.1

containerd-app

Ubuntu 25.10

Fixed in:

2.1.3-0ubuntu3.1

containerd

Ubuntu Pro 16.04 LTS

Fixed in:

1.2.6-0ubuntu1~16.04.6+esm6

containerd

Ubuntu Pro 18.04 LTS

Fixed in:

1.6.12-0ubuntu1~18.04.1+esm3

containerd

Ubuntu Pro 20.04 LTS

Fixed in:

1.6.12-0ubuntu1~20.04.8+esm1

containerd-app

Ubuntu Pro 20.04 LTS

Fixed in:

1.7.24-0ubuntu1~20.04.2+esm1

containerd-app

Ubuntu Pro 22.04 LTS

Fixed in:

1.7.28-0ubuntu1~22.04.1+esm1

containerd

Ubuntu Pro 24.04 LTS

Fixed in:

1.6.24~ds1-1ubuntu1.3+esm2

References

REPORT

https://ubuntu.com/security/CVE-2024-25621

REPORT

https://ubuntu.com/security/CVE-2025-64329

ADVISORY

https://ubuntu.com/security/notices/USN-7983-1