- Vulnerability/
- USN-7374-1
USN-7374-1: containerd vulnerability
First published: Wed Mar 26 2025(Updated: )
Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result in containers possibly being run as root, contrary to expectations.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/containerd | <2.0.0~rc3-0ubuntu1.1 | 2.0.0~rc3-0ubuntu1.1 |
| Ubuntu | =24.10 | |
| All of | ||
| ubuntu/containerd | <1.7.24-0ubuntu1~24.04.2 | 1.7.24-0ubuntu1~24.04.2 |
| Ubuntu | =24.04 | |
| All of | ||
| ubuntu/golang-github-containerd-containerd-dev | <1.6.24~ds1-1ubuntu1.2+esm1 | 1.6.24~ds1-1ubuntu1.2+esm1 |
| Ubuntu | =24.04 | |
| All of | ||
| ubuntu/containerd | <1.7.24-0ubuntu1~22.04.2 | 1.7.24-0ubuntu1~22.04.2 |
| Ubuntu | =22.04 | |
| All of | ||
| ubuntu/golang-github-containerd-containerd-dev | <1.6.12-0ubuntu1~22.04.8 | 1.6.12-0ubuntu1~22.04.8 |
| Ubuntu | =22.04 | |
| All of | ||
| ubuntu/containerd | <1.7.24-0ubuntu1~20.04.2 | 1.7.24-0ubuntu1~20.04.2 |
| Ubuntu | =20.04 | |
| All of | ||
| ubuntu/golang-github-containerd-containerd-dev | <1.6.12-0ubuntu1~20.04.8 | 1.6.12-0ubuntu1~20.04.8 |
| Ubuntu | =20.04 | |
| All of | ||
| ubuntu/containerd | <1.6.12-0ubuntu1~18.04.1+esm2 | 1.6.12-0ubuntu1~18.04.1+esm2 |
| Ubuntu | =18.04 | |
| All of | ||
| ubuntu/golang-github-containerd-containerd-dev | <1.6.12-0ubuntu1~18.04.1+esm2 | 1.6.12-0ubuntu1~18.04.1+esm2 |
| Ubuntu | =18.04 | |
| All of | ||
| ubuntu/containerd | <1.2.6-0ubuntu1~16.04.6+esm5 | 1.2.6-0ubuntu1~16.04.6+esm5 |
| Ubuntu | =16.04 | |
| All of | ||
| ubuntu/golang-github-docker-containerd-dev | <1.2.6-0ubuntu1~16.04.6+esm5 | 1.2.6-0ubuntu1~16.04.6+esm5 |
| Ubuntu | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2024-40635
- https://launchpad.net/ubuntu/+source/containerd-app/2.0.0~rc3-0ubuntu1.1
- https://launchpad.net/ubuntu/+source/containerd-app/1.7.24-0ubuntu1~24.04.2
- https://launchpad.net/ubuntu/+source/containerd-app/1.7.24-0ubuntu1~22.04.2
- https://launchpad.net/ubuntu/+source/containerd/1.6.12-0ubuntu1~22.04.8
- https://launchpad.net/ubuntu/+source/containerd-app/1.7.24-0ubuntu1~20.04.2
- https://launchpad.net/ubuntu/+source/containerd/1.6.12-0ubuntu1~20.04.8
- https://ubuntu.com/security/notices/USN-7374-1 (Advisory)
Frequently Asked Questions
What is the severity of USN-7374-1?
USN-7374-1 is classified as a moderate severity vulnerability due to incorrect handling of large user ID values in containerd.
How do I fix USN-7374-1?
To fix USN-7374-1, upgrade the containerd package to version 2.0.0~rc3-0ubuntu1.1 or the appropriate updated version for your Ubuntu release.
Which Ubuntu versions are affected by USN-7374-1?
USN-7374-1 affects Ubuntu versions 24.10, 24.04, 22.04, 20.04, 18.04, and 16.04.
What products are impacted by USN-7374-1?
USN-7374-1 impacts the container management system containerd in Ubuntu products.
Who discovered the vulnerability in USN-7374-1?
The vulnerability in USN-7374-1 was discovered by Benjamin Koltermann.
- agent/last-modified-date
- agent/title
- agent/references
- agent/source
- agent/softwarecombine
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu
- version/ubuntu/24.10
- version/ubuntu/24.04
- version/ubuntu/22.04
- version/ubuntu/20.04
- version/ubuntu/18.04
- version/ubuntu/16.04