Main Vulnerability Database Vulnerabilities #VU109622

#VU109622 Improper Preservation of Permissions in containerd - CVE-2025-47291

Published: May 21, 2025

Vulnerability identifier: #VU109622

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-47291

CWE-ID: CWE-281

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
containerd

Software vendor:
containerd

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the CRI implementation does not put usernamespaced containers under the Kubernetes' cgroup hierarchy, which causes Kubernetes limits not to be honored. A local user or malicious application inside the container can perform a denial of service (DoS) attack.

Remediation

Install updates from vendor's website.

External links

https://github.com/containerd/containerd/security/advisories/GHSA-cxfp-7pvr-95ff

#VU109622 Improper Preservation of Permissions in containerd - CVE-2025-47291

Description

Remediation

External links

Please verify you're human