It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.5.2-0ubuntu1~18.04.2", "binary_name": "containerd" }, { "binary_version": "1.5.2-0ubuntu1~18.04.2", "binary_name": "containerd-dbgsym" }, { "binary_version": "1.5.2-0ubuntu1~18.04.2", "binary_name": "golang-github-containerd-containerd-dev" }, { "binary_version": "1.5.2-0ubuntu1~18.04.2", "binary_name": "golang-github-docker-containerd-dev" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.5.2-0ubuntu1~20.04.2", "binary_name": "containerd" }, { "binary_version": "1.5.2-0ubuntu1~20.04.2", "binary_name": "containerd-dbgsym" }, { "binary_version": "1.5.2-0ubuntu1~20.04.2", "binary_name": "golang-github-containerd-containerd-dev" }, { "binary_version": "1.5.2-0ubuntu1~20.04.2", "binary_name": "golang-github-docker-containerd-dev" } ] }