Back to bug 2060029

Who	When	What	Removed	Added
Marian Rehak	2022-03-02 14:41:29 UTC	CC		security-response-team
Marian Rehak	2022-03-02 14:55:45 UTC	Blocks		2060036
Marian Rehak	2022-03-17 13:09:59 UTC	Deadline	2022-03-02
		CC		aos-bugs, eglynn, go-sig, gotmax, o.lemasle, rhos-maint, spower
		Summary	EMBARGOED CVE-2022-23648 containerd: insecure handling of image volumes	CVE-2022-23648 containerd: insecure handling of image volumes
		Group	security, qe_staff
Marian Rehak	2022-03-17 13:10:52 UTC	Priority	medium	high
		Severity	medium	high
Nick Tait	2022-04-15 23:47:00 UTC	Depends On		2065684
		Depends On		2075884, 2075885
Nick Tait	2022-04-15 23:51:42 UTC	Depends On		2075887, 2075888, 2075886
Nick Tait	2022-04-22 19:56:33 UTC	Fixed In Version	containerd 1.6.1, containerd 1.5.11, containerd 1.4.13	containerd 1.6.1, containerd 1.5.10, containerd 1.4.13
Red Hat Bugzilla	2022-05-09 08:29:48 UTC	CC	aos-bugs
Nick Tait	2022-11-11 23:30:45 UTC	Doc Text		An information leak was discovered in containerd. This could give a remote attacker access to read-only copies of arbitrary files and directories on the host. It can be exploited with a specially-crafted image configuration.
Nick Tait	2022-11-11 23:43:14 UTC	CC		joelsmith
Paige Jung	2022-11-14 15:11:35 UTC	Doc Text	An information leak was discovered in containerd. This could give a remote attacker access to read-only copies of arbitrary files and directories on the host. It can be exploited with a specially-crafted image configuration.	An information leak was discovered in containerd. This issue could allow a remote attacker access to read-only copies of arbitrary files and directories on the host, which can be exploited with a specially-crafted image configuration.
Red Hat Bugzilla	2023-02-01 08:27:33 UTC	CC	tkasparek
Red Hat Bugzilla	2023-07-07 08:27:55 UTC	Assignee	security-response-team	nobody
		CC	security-response-team

Back to bug 2060029