Vulnerability identifier: #VU57038
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: No
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for container root directories and some plugins. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host can discover, read, and modify those files.
Install updates from vendor's website.
Vulnerable software versions
containerd: 1.5.0 - 1.5.6, 1.4.0 - 1.4.10
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?