CVE STALKER

CVE-2021-32760

CVSS
DESCRIPTIONcontainerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
HEAT SCORE51

WORDS

TWEETS

DATE TWEETS USER
2021-08-25 23:41:34🚨 NEW: CVE-2021-32760 🚨 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 an… https://t.co/5MuTr0xEYQ https://twitter.com/i/web/status/1430673966042132485threatintelctr
2021-07-28 18:41:04New post from https://t.co/9KYxtdZjkl (CVE-2021-32760 (containerd)) has been published on https://t.co/CuoPN2Qc2w http://www.sesin.at https://www.sesin.at/2021/07/28/cve-2021-32760-containerd/www_sesin_at
2021-07-28 18:40:34New post from https://t.co/uXvPWJy6tj (CVE-2021-32760 (containerd)) has been published on https://t.co/CkEeGcQJZ6 http://www.sesin.at https://www.sesin.at/2021/07/28/cve-2021-32760-containerd/WolfgangSesin
2021-07-28 18:10:49🚨 NEW: CVE-2021-32760 🚨 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 an… https://t.co/hpsuKMh7iL https://twitter.com/i/web/status/1420444169043054598threatintelctr
2021-07-24 03:10:18New post from https://t.co/uXvPWJy6tj (CVE-2021-32760) has been published on https://t.co/q4xTqaKcsE http://www.sesin.at https://www.sesin.at/2021/07/24/cve-2021-32760/WolfgangSesin
2021-07-24 03:10:16New post from https://t.co/9KYxtdZjkl (CVE-2021-32760) has been published on https://t.co/NGeeFidOFS http://www.sesin.at https://www.sesin.at/2021/07/24/cve-2021-32760/www_sesin_at
2021-07-20 09:30:05containerdの脆弱性(Moderate: CVE-2021-32760)と新バージョン(v1.4.8, v1.5.4) https://t.co/bgkPpIr255 https://security.sios.com/vulnerability/containerd-security-vulnerability-20210720.htmlmatsuu_zatsu
2021-07-20 00:50:06Let the annals of the day show that CVE-2021-32760... has been granted the moniker Thrilling Pangolin https://t.co/sj7SNYMtVR https://nvd.nist.gov/vuln/detail/CVE-2021-32760vulnonym
2021-07-19 22:40:05CVE-2021-32760 containerd is a container runtime. A bug was found in containerd ... https://t.co/DjjMGVP2HU Vuln… https://t.co/3WTIVfYzrc http://vulmon.com/vulnerabilitydetails?qid=CVE-2021-32760 https://twitter.com/i/web/status/1417252148455280645VulmonFeeds
2021-07-19 22:30:05CVE-2021-32760: containerd archive package allows chmod of file outside of unpack target directory: Posted by Karp,… https://t.co/FqruILXoCw https://twitter.com/i/web/status/1417248643170541570oss_security
2021-07-19 22:10:03SIOSセキュリティブログを更新しました。 containerdの脆弱性(Moderate: CVE-2021-32760)と新バージョン(v1.4.8, v1.5.4) #sios_tech #security… https://t.co/BGL3cTg6ni https://twitter.com/i/web/status/1417244428012449846omokazuki
2021-07-19 21:50:04CVE-2021-32760 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 w… https://t.co/RSR5ToDDnG https://twitter.com/i/web/status/1417239154757410817CVEnew
2021-07-19 20:40:07CVE-2021-32760 : containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4… https://t.co/FMemz4ZiST https://twitter.com/i/web/status/1417220836386344967CVEreport
2021-07-19 18:50:14containerd 1.4.8 and 1.5.4 have been released to address CVE-2021-32760 https://t.co/OQPZ6bmxMq https://github.com/containerd/containerd/releases/tag/v1.5.4containerd