
=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN656
_____________________________________________________________________

DATE                : 19/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running containerd (Go) versions prior
                     to 1.7.33, or containerd/v2 (Go) versions prior
                     to 2.3.2, 2.2.5, 2.1.9 or 2.0.10.
 
=====================================================================
https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp
https://github.com/containerd/containerd/security/advisories/GHSA-cvxm-645q-p574
https://github.com/containerd/containerd/security/advisories/GHSA-33vj-92qq-66hc
https://github.com/containerd/containerd/security/advisories/GHSA-rgh6-rfwx-v388
https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq
_____________________________________________________________________

containerd CRI — image-config LABEL flows to host-root command
execution from an image pull

Critical
samuelkarp published GHSA-xhf5-7wjv-pqxp Jun 19, 2026

Package
github.com/containerd/containerd (Go)

Affected versions
>= 1.7.0, < 1.7.33
Patched versions
1.7.33

github.com/containerd/containerd/v2 (Go)

Affected versions
>= 2.0.0, < 2.0.10, >= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2
Patched versions
2.3.2, 2.2.5, 2.1.9, 2.0.10
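As an added check (example code written for this bulletin, not containerd's own), the Go program below encodes the affected ranges listed above, which are the same ranges repeated under each of the five advisories in this note, and reports which advisories a given containerd version string falls under. The version formats it accepts (a leading "v", a "+unknown" build suffix, a "-rc" or "~" pre-release suffix) are assumptions about what "containerd --version" and distribution packages print.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Added example for this bulletin, not containerd project code.

type version struct {
	major, minor, patch int
	pre                 bool // "-rc.1" / "~ds1" suffix: sorts before the bare triple
}

// parseVersion accepts forms such as "v2.1.8", "2.1.8", "1.7.27+unknown",
// "v2.3.2-rc.0" and "1.7.24~ds1" (assumed formats; see the lead-in).
func parseVersion(s string) (version, error) {
	s = strings.TrimPrefix(strings.TrimSpace(s), "v")
	core := s
	if i := strings.Index(core, "+"); i >= 0 { // build metadata carries no ordering
		core = core[:i]
	}
	pre := false
	if i := strings.IndexAny(core, "-~"); i >= 0 { // pre-release / distro suffix
		core, pre = core[:i], true
	}
	parts := strings.Split(core, ".")
	if len(parts) != 3 {
		return version{}, fmt.Errorf("unrecognised version %q", s)
	}
	var n [3]int
	for i, p := range parts {
		v, err := strconv.Atoi(p)
		if err != nil || v < 0 {
			return version{}, fmt.Errorf("unrecognised version %q", s)
		}
		n[i] = v
	}
	return version{n[0], n[1], n[2], pre}, nil
}

// less orders on the numeric triple, with a pre-release of X sorting before X
// itself, so 2.3.2-rc.0 is still older than the 2.3.2 fix.
func (v version) less(o version) bool {
	if v.major != o.major {
		return v.major < o.major
	}
	if v.minor != o.minor {
		return v.minor < o.minor
	}
	if v.patch != o.patch {
		return v.patch < o.patch
	}
	return v.pre && !o.pre
}

// vulnRange is [lo, hi): first affected release inclusive, patched release exclusive.
type vulnRange struct{ lo, hi version }

func rng(lo, hi string) vulnRange {
	l, err1 := parseVersion(lo)
	h, err2 := parseVersion(hi)
	if err1 != nil || err2 != nil {
		panic("bad range literal: " + lo + " " + hi)
	}
	return vulnRange{l, h}
}

// The branches exactly as printed in this bulletin.
var (
	v17 = rng("1.7.0", "1.7.33")
	v20 = rng("2.0.0", "2.0.10")
	v21 = rng("2.1.0", "2.1.9")
	v22 = rng("2.2.0", "2.2.5")
	v23 = rng("2.3.0", "2.3.2")
)

var advisories = []struct {
	id     string
	ranges []vulnRange
}{
	{"GHSA-xhf5-7wjv-pqxp / CVE-2026-53488 (image LABEL to host command)", []vulnRange{v17, v20, v21, v22, v23}},
	{"GHSA-cvxm-645q-p574 / CVE-2026-50195 (checkpoint tag poisoning)", []vulnRange{v21, v22, v23}},
	{"GHSA-33vj-92qq-66hc / CVE-2026-53492 (CDI annotation smuggling)", []vulnRange{v21, v22, v23}},
	{"GHSA-rgh6-rfwx-v388 / CVE-2026-53489 (checkpoint log symlink)", []vulnRange{v21, v22, v23}},
	{"GHSA-jpcc-p29g-p8mq / CVE-2026-47262 (group-parsing DoS)", []vulnRange{v17, v20, v21, v22, v23}},
}

// Affected returns the advisories whose ranges contain versionStr. A version on
// a branch this bulletin does not list (e.g. 1.6.x) is reported as unaffected
// by this bulletin only; it says nothing about branches not listed here.
func Affected(versionStr string) ([]string, error) {
	v, err := parseVersion(versionStr)
	if err != nil {
		return nil, err
	}
	var hits []string
	for _, a := range advisories {
		for _, rg := range a.ranges {
			if !v.less(rg.lo) && v.less(rg.hi) {
				hits = append(hits, a.id)
				break
			}
		}
	}
	return hits, nil
}

func main() {
	for _, s := range []string{"v1.7.32", "2.0.9", "v2.1.8", "2.3.2-rc.0", "v2.3.2", "1.7.33"} {
		hits, err := Affected(s)
		if err != nil {
			fmt.Println(s, "->", err)
			continue
		}
		fmt.Printf("%-11s affected by %d of %d advisories: %v\n", s, len(hits), len(advisories), hits)
	}
}
```

Run it with the output of "containerd --version" on each node; anything that is not an empty hit list for every advisory needs the patched release for its branch. Note that a 2.0.x node is outside the three checkpoint advisories (their ranges start at 2.1.0) but still inside the LABEL and DoS ones.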

Description

Impact

A bug was found in containerd where the CRI plugin propagates labels
from an image config (the LABEL instruction in a Dockerfile) to the
container it creates, without validation. Some plugins consume
container labels to decide what to run, so a crafted label in a
pulled image may result in an arbitrary command being executed on
the host.


Patches

This bug has been fixed in the following containerd versions:

    2.3.2
    2.2.5
    2.1.9
    2.0.10
    1.7.33

Users should update to these versions to resolve the issue.


Workarounds

Ensure that only trusted images are used.

Credits

The containerd project would like to thank Anthropic Research, in
collaboration with Claude, the GKE Security Team using Gemini,
and Robert Prast (@robertprast) for independently discovering
and responsibly disclosing this issue in accordance with the
containerd security policy.


For more information

If you have any questions or comments about this advisory:

    Open an issue in containerd
    Email us at security@containerd.io

To report a security issue in containerd:

    Report a new vulnerability
    Email us at security@containerd.io

Severity
Critical

CVE ID
CVE-2026-53488

Weaknesses
No CWEs


_____________________________________________________________________


CRI checkpoint import allows local image tag poisoning

Critical
samuelkarp published GHSA-cvxm-645q-p574 Jun 19, 2026

Package
github.com/containerd/containerd/v2 (Go)

Affected versions
>= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2

Patched versions
2.3.2, 2.2.5, 2.1.9

Description

Impact

containerd's CRI checkpoint import process contains a
vulnerability where it fails to validate the image
references specified within a checkpoint image's
configuration. An attacker with permissions to create
pods can use a crafted checkpoint image to force
containerd to pull a malicious image and assign it an
arbitrary local tag, thereby poisoning the node's
local image cache. Subsequently, if other pods on the
same node attempt to use the poisoned tag with an
IfNotPresent (or Never) pull policy, they will
unknowingly execute the attacker's malicious image
instead of the legitimate one. This can lead to a
compromise of the affected pods, allowing the attacker
to execute arbitrary code under the victim pod's
identity.
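As an added example (written for this bulletin, not containerd or Kubernetes code), the Go program below audits the condition described above: a poisoned local tag is used by a later pod only when that pod references the image by tag rather than by digest and its effective pull policy is IfNotPresent or Never. The defaulting it applies (Always for ":latest" or an untagged reference, IfNotPresent for anything else, digest references included) is the Kubernetes API defaulting rule; the pod contents are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Added example for this bulletin, not containerd or Kubernetes code.

// digestSuffix matches a digest reference ("...@sha256:<64 hex>").
var digestSuffix = regexp.MustCompile(`@sha256:[0-9a-f]{64}$`)

// refParts returns the tag of an image reference, if any, and whether the
// reference is pinned by digest. A colon in the last path segment is the tag
// separator; a registry port (registry.example:5000/app) sits in an earlier one.
func refParts(image string) (tag string, pinned bool) {
	if digestSuffix.MatchString(image) {
		return "", true
	}
	last := image
	if i := strings.LastIndex(image, "/"); i >= 0 {
		last = image[i+1:]
	}
	if i := strings.LastIndex(last, ":"); i >= 0 {
		return last[i+1:], false
	}
	return "", false
}

// effectivePullPolicy applies the Kubernetes defaulting rule: an explicit policy
// wins; otherwise ":latest" or an untagged reference defaults to Always and
// everything else, including digest references, to IfNotPresent.
func effectivePullPolicy(image, explicit string) string {
	if explicit != "" {
		return explicit
	}
	tag, pinned := refParts(image)
	if !pinned && (tag == "" || tag == "latest") {
		return "Always"
	}
	return "IfNotPresent"
}

// tagPoisoningRisk is true when a poisoned local tag would be used: the image is
// resolved by tag, and the policy (IfNotPresent or Never) lets the kubelet reuse
// what the node already holds instead of re-resolving the tag at the registry.
func tagPoisoningRisk(image, explicit string) bool {
	if _, pinned := refParts(image); pinned {
		return false
	}
	return effectivePullPolicy(image, explicit) != "Always"
}

// container is the subset of a pod spec's container entry this audit needs.
type container struct{ Name, Image, ImagePullPolicy string }

// auditPod returns the names of the containers exposed to local tag poisoning.
func auditPod(cs []container) []string {
	var exposed []string
	for _, c := range cs {
		if tagPoisoningRisk(c.Image, c.ImagePullPolicy) {
			exposed = append(exposed, c.Name)
		}
	}
	return exposed
}

// samplePod is a constructed pod, not taken from any real cluster.
var samplePod = []container{
	{"web", "nginx:1.27", ""},                               // defaults to IfNotPresent: exposed
	{"init", "busybox", ""},                                  // untagged -> Always: tag re-resolved at the registry
	{"sidecar", "registry.example:5000/agent:3.1", "Never"}, // never pulled: exposed
	{"pinned", "registry.example:5000/agent@sha256:" + strings.Repeat("ab", 32), ""}, // digest: not exposed
	{"fresh", "nginx:1.27", "Always"},                       // re-resolved at the registry: not exposed
}

func main() {
	for _, c := range samplePod {
		fmt.Printf("%-8s policy=%-12s exposed=%-5v %s\n", c.Name,
			effectivePullPolicy(c.Image, c.ImagePullPolicy), tagPoisoningRisk(c.Image, c.ImagePullPolicy), c.Image)
	}
	fmt.Println("exposed containers:", auditPod(samplePod))
}
```

The practical reading: pinning by digest removes the exposure regardless of pull policy, and is the durable fix for workloads that share a node with untrusted pod creators; relying on Always only helps as long as the registry is reachable and trusted.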


Patches

This bug has been fixed in the following containerd
versions:

    2.3.2
    2.2.5
    2.1.9

Users should update to these versions to resolve the
issue.


Workarounds

Users should only allow trusted images to be pulled.


Credits

The containerd project would like to thank Henry Beberman
(@hbeberman) of Microsoft, the GKE Security Team using
Gemini, Anthropic Research, in collaboration with Claude,
and Robert Prast (@robertprast) who independently
discovered and responsibly disclosed this issue in
accordance with the containerd security policy.


For more information

If you have any questions or comments about this advisory:

    Open an issue in containerd
    Email us at security@containerd.io

To report a security issue in containerd:

    Report a new vulnerability
    Email us at security@containerd.io

Severity
Critical

CVE ID
CVE-2026-50195

Weaknesses
Weakness CWE-345
Weakness CWE-829


_____________________________________________________________________

CDI annotation smuggling during CRI checkpoint restore

Critical
samuelkarp published GHSA-33vj-92qq-66hc Jun 19, 2026

Package
github.com/containerd/containerd/v2 (Go)

Affected versions
>= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2

Patched versions
2.3.2, 2.2.5, 2.1.9

Description

Impact

containerd's CRI implementation improperly trusts Container Device
Interface (CDI) annotations found within untrusted checkpoint
image metadata during container restoration. When restoring a
container from a checkpoint, containerd preserves CDI-related
annotations from the checkpoint archive rather than relying
solely on the pod's create-time specification. This allows a user
with pod creation permissions to bypass standard Kubernetes
resource allocation and device plugin enforcement, injecting
arbitrary CDI edits (such as device nodes and host mounts) into
the restored container. Successful exploitation requires that
the node has CDI enabled and contains a matching host CDI
specification for the requested device; environments where CDI
is disabled or lacking sensitive device specifications are not
affected.


Patches

This bug has been fixed in the following containerd versions:

    2.3.2
    2.2.5
    2.1.9

Users should update to these versions to resolve the issue.
Recreating existing containers restored from untrusted
checkpoints may be necessary to remove smuggled
configuration.


Workarounds

Users can mitigate this issue by restricting the restoration
of containers from untrusted checkpoint images. If Container
Device Interface (CDI) capabilities are not utilized on the
node, removing or temporarily relocating host CDI
specifications from the default directories
(/etc/cdi and /var/run/cdi) will eliminate the reachability
of this vulnerability.


Credits

The containerd project would like to thank Robert Prast
(@robertprast) for responsibly disclosing this issue in
accordance with the containerd security policy.

For more information

If you have any questions or comments about this advisory:

    Open an issue in containerd
    Email us at security@containerd.io

To report a security issue in containerd:

    Report a new vulnerability
    Email us at security@containerd.io

Severity
Critical

CVE ID
CVE-2026-53492

Weaknesses
Weakness CWE-20
Weakness CWE-863


_____________________________________________________________________

Arbitrary host file read via symlink following in CRI checkpoint
restore

High
samuelkarp published GHSA-rgh6-rfwx-v388 Jun 19, 2026

Package
github.com/containerd/containerd/v2 (Go)

Affected versions
>= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2

Patched versions
2.3.2, 2.2.5, 2.1.9

Description

Impact

A bug was found in containerd where the CRI plugin restores the
container.log path recorded in a checkpoint image without checking
whether that path is a symbolic link. A crafted checkpoint can
therefore point the log at an arbitrary file on the host, whose
contents are then returned by kubectl logs.
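The check a restore path needs before trusting a log-file path taken from a checkpoint, as an added example (not containerd's actual fix): given the per-pod log directory the kubelet owns, accept the path only if it stays inside that directory both lexically and after every symlink on it, including the final component, has been resolved. The on-disk fixture (a temporary directory standing in for /var/log/pods/<pod> and a "host secret" file outside it) is constructed by the program itself.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Added example for this bulletin, not containerd's fix.

// safeLogPath returns the resolved path if logPath is a regular file inside
// root (the per-pod log directory the kubelet hands to the runtime) and no
// component of it, including the last, is a symlink leading out of root.
func safeLogPath(root, logPath string) (string, error) {
	clean := filepath.Clean(logPath)
	if !filepath.IsAbs(clean) {
		return "", fmt.Errorf("log path %q is not absolute", logPath)
	}
	// 1. Lexical containment: rejects "../" escapes before touching the filesystem.
	if !within(root, clean) {
		return "", fmt.Errorf("log path %q escapes %q", logPath, root)
	}
	// 2. Lstat does not follow the final component, so a symlink there is seen
	//    as a symlink (CWE-61); anything but a regular file is refused.
	fi, err := os.Lstat(clean)
	if err != nil {
		return "", err
	}
	if fi.Mode()&os.ModeSymlink != 0 || !fi.Mode().IsRegular() {
		return "", fmt.Errorf("log path %q is a symlink or not a regular file", logPath)
	}
	// 3. Physical containment: a parent directory may itself be a symlink out of
	//    root, which steps 1 and 2 cannot see. Resolve both sides and compare.
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", err
	}
	resolved, err := filepath.EvalSymlinks(clean)
	if err != nil {
		return "", err
	}
	if !within(realRoot, resolved) {
		return "", fmt.Errorf("log path %q resolves to %q outside %q", logPath, resolved, realRoot)
	}
	return resolved, nil
}

// within reports whether path is dir itself or lexically below it.
func within(dir, path string) bool {
	rel, err := filepath.Rel(dir, path)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// fixture is a constructed layout under a temporary directory standing in for
// /var/log/pods/<pod> plus a file elsewhere on the host; nothing here is real.
type fixture struct {
	Root, Legit, Symlink, SymlinkDir, Outside string
	Cleanup                                  func()
}

func buildFixture() (*fixture, error) {
	base, err := os.MkdirTemp("", "cri-restore-example")
	if err != nil {
		return nil, err
	}
	f := &fixture{Root: filepath.Join(base, "pods", "victim"), Cleanup: func() { os.RemoveAll(base) }}
	f.Outside = filepath.Join(base, "host", "secret.txt")         // "host secret" outside Root
	f.Legit = filepath.Join(f.Root, "container.log")              // regular file inside Root
	f.Symlink = filepath.Join(f.Root, "evil.log")                 // final component is a symlink -> Outside
	f.SymlinkDir = filepath.Join(f.Root, "linkdir", "secret.txt") // parent dir is a symlink -> dir of Outside
	steps := []func() error{
		func() error { return os.MkdirAll(f.Root, 0o755) },
		func() error { return os.MkdirAll(filepath.Dir(f.Outside), 0o755) },
		func() error { return os.WriteFile(f.Outside, []byte("constructed host secret\n"), 0o600) },
		func() error { return os.WriteFile(f.Legit, []byte("constructed container log line\n"), 0o644) },
		func() error { return os.Symlink(f.Outside, f.Symlink) },
		func() error { return os.Symlink(filepath.Dir(f.Outside), filepath.Join(f.Root, "linkdir")) },
	}
	for _, step := range steps {
		if err := step(); err != nil {
			f.Cleanup()
			return nil, err
		}
	}
	return f, nil
}

func main() {
	f, err := buildFixture()
	if err != nil {
		panic(err)
	}
	defer f.Cleanup()
	for _, p := range []string{f.Legit, f.Symlink, f.SymlinkDir, filepath.Join(f.Root, "../../host/secret.txt")} {
		resolved, err := safeLogPath(f.Root, p)
		fmt.Printf("%s\n  -> accepted=%v resolved=%q err=%v\n", p, err == nil, resolved, err)
	}
}
```

Only the genuine container.log is accepted; the direct symlink, the symlinked parent directory and the "../.." traversal are all refused. Step 3 is the one most implementations forget: checking the final component with Lstat alone still lets a symlinked directory higher up carry the read outside the pod's log directory.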


Patches

This bug has been fixed in the following containerd versions:

    2.3.2
    2.2.5
    2.1.9

Users should update to these versions to resolve the issue.


Workarounds

Ensure that only trusted images and checkpoints are used.


Credits

The containerd project would like to thank @gouldnicholas
and @davidrxchester, Yuming Zhang and Song Li of Zhejiang
University, Sangwon Ryu (@sangwon090), Henry Beberman
(@hbeberman) of Microsoft, the GKE Security Team using Gemini,
Anthropic Research, in collaboration with Claude, Robert
Prast (@robertprast),
Kyle Elliott (@kyle-elliott-tob) of Trail of Bits, and
Zhenchen Wang (@Plucky923), who independently discovered
and responsibly disclosed this issue in accordance with
the containerd security policy.


For more information

If you have any questions or comments about this advisory:

    Open an issue in containerd
    Email us at security@containerd.io

To report a security issue in containerd:

    Report a new vulnerability
    Email us at security@containerd.io

Severity
High

CVE ID
CVE-2026-53489

Weaknesses
Weakness CWE-61

_____________________________________________________________________

containerd image-triggered runtime DoS via unbounded group parsing

Moderate
samuelkarp published GHSA-jpcc-p29g-p8mq Jun 19, 2026

Package
github.com/containerd/containerd (Go)

Affected versions
>= 1.7.0, < 1.7.33

Patched versions
1.7.33

github.com/containerd/containerd/v2 (Go)
Affected versions
>= 2.0.0, < 2.0.10, >= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2
Patched versions
2.3.2, 2.2.5, 2.1.9, 2.0.10


Description

Impact

A vulnerability in containerd allows a maliciously crafted image to
cause a denial of service (DoS). When a container is created from
such an image, containerd's memory use grows without bound while it
parses the image's group information, and the containerd process is
killed by the out-of-memory (OOM) killer. This renders the container
runtime API unavailable and can disrupt clients such as the Docker
Engine or Kubernetes control-plane components.
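As an added example of the defensive pattern (not containerd's fix; the limits are policy values chosen for this example): resolving a container's user and supplementary groups means parsing /etc/passwd and /etc/group out of the image's own rootfs, which is attacker-controlled input, so the parser has to bound total size, line length and entry count rather than read whatever it is handed. The sample and crafted group files are constructed inline.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"strconv"
	"strings"
)

// Added example for this bulletin, not containerd's fix. The caps below are
// policy values chosen for the example, not containerd constants.
const (
	maxGroupFileBytes = 1 << 20  // refuse a group file over 1 MiB
	maxGroupLine      = 64 << 10 // refuse any single line over 64 KiB
	maxGroupEntries   = 10000    // refuse more than 10k group entries
)

type group struct {
	Name    string
	GID     int
	Members []string
}

// parseGroups reads group(5)-format lines ("name:password:gid:member,member")
// from attacker-controlled input with hard caps on total size, line length and
// entry count, so a crafted file fails fast instead of growing the heap.
func parseGroups(r io.Reader) ([]group, error) {
	lr := &io.LimitedReader{R: r, N: maxGroupFileBytes + 1}
	sc := bufio.NewScanner(lr)
	sc.Buffer(make([]byte, 0, 4096), maxGroupLine) // longer lines -> bufio.ErrTooLong
	var out []group
	for sc.Scan() {
		line := sc.Text()
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		fields := strings.Split(line, ":")
		if len(fields) != 4 {
			if lr.N <= 0 { // the size cap cut the file mid-line; report that instead
				return nil, fmt.Errorf("group file exceeds %d bytes", maxGroupFileBytes)
			}
			return nil, fmt.Errorf("malformed group entry %q", line)
		}
		gid, err := strconv.Atoi(fields[2])
		if err != nil || gid < 0 {
			return nil, fmt.Errorf("bad gid in entry %q", line)
		}
		var members []string
		if fields[3] != "" {
			members = strings.Split(fields[3], ",")
		}
		out = append(out, group{fields[0], gid, members})
		if len(out) > maxGroupEntries {
			return nil, fmt.Errorf("more than %d group entries", maxGroupEntries)
		}
	}
	if err := sc.Err(); err != nil {
		return nil, fmt.Errorf("reading group file: %w", err)
	}
	if lr.N <= 0 {
		return nil, fmt.Errorf("group file exceeds %d bytes", maxGroupFileBytes)
	}
	return out, nil
}

// supplementaryGIDs is what a runtime does with the parsed table: the GIDs of
// every group that lists user as a member become the container's extra groups.
func supplementaryGIDs(groups []group, user string) []int {
	var gids []int
	for _, g := range groups {
		for _, m := range g.Members {
			if m == user {
				gids = append(gids, g.GID)
				break
			}
		}
	}
	return gids
}

// Constructed inputs: a well-formed file, and two crafted ones that a bounded
// parser must reject (one oversized line; more entries than allowed).
const sampleGroup = "root:x:0:\nwheel:x:10:alice,bob\n# comment line\ndocker:x:999:alice\n"

func craftedLongLine() string { return "huge:x:1000:" + strings.Repeat("a,", maxGroupLine) + "\n" }

func craftedManyEntries() string {
	var b strings.Builder
	for i := 0; i <= maxGroupEntries; i++ {
		fmt.Fprintf(&b, "g%d:x:%d:\n", i, i)
	}
	return b.String()
}

func main() {
	groups, err := parseGroups(strings.NewReader(sampleGroup))
	fmt.Println(len(groups), "groups, err:", err, "alice ->", supplementaryGIDs(groups, "alice"))
	for name, in := range map[string]string{"long line": craftedLongLine(), "many entries": craftedManyEntries()} {
		_, err := parseGroups(strings.NewReader(in))
		fmt.Println(name+":", err)
	}
}
```

The three caps work at different layers: io.LimitedReader bounds what is read at all, bufio.Scanner.Buffer bounds the largest single allocation a line can force, and the entry count bounds the table that survives parsing. Any one of them alone leaves a path for a crafted file to inflate the runtime's heap.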


Patches

This bug has been fixed in the following containerd versions:

    2.3.2
    2.2.5
    2.1.9
    2.0.10
    1.7.33

Users should update to these versions to resolve the issue.


Workarounds

Ensure that only trusted images are used and that only trusted
users have permissions to import images or schedule pods.


Credits

The containerd project would like to thank Jakub Ciolek
(@jake-ciolek) of AlphaSense and Kyle Elliott (@kyle-elliott-tob)
of Trail of Bits, who independently discovered and responsibly
disclosed this issue in accordance with the containerd security
policy.


For more information

If you have any questions or comments about this advisory:

    Open an issue in containerd
    Email us at security@containerd.io

To report a security issue in containerd:

    Report a new vulnerability
    Email us at security@containerd.io

Severity
Moderate

CVE ID
CVE-2026-47262

Weaknesses
Weakness CWE-400



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================