OPENSUSE-SU-2022:0334-1
Advisory lineage Upstream: 5 Downstream: 0
Published: 04 Feb 2022, 08:31
Last modified:04 Feb 2026, 02:46
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
04 Feb 2022, 08:31
Published
Vulnerability first disclosed
04 Feb 2026, 02:46
Last Modified
Vulnerability information updated
Description
Security update for containerd, docker This update for containerd, docker fixes the following issues: - CVE-2021-41089: Fixed 'cp' can chmod host files (bsc#1191015). - CVE-2021-41091: Fixed flaw that could lead to data directory traversal in moby (bsc#1191434). - CVE-2021-41092: Fixed exposed user credentials with a misconfigured configuration file (bsc#1191334). - CVE-2021-41103: Fixed file access to local users in containerd (bsc#1191121). - CVE-2021-41190: Fixed OCI manifest and index parsing confusion (bsc#1193273).
Affected Systems
- opensuse•containerd&distro=openSUSE Leap 15.3
< 1.4.12-60.1
- opensuse•docker-kubic&distro=openSUSE Leap 15.3
< 20.10.12_ce-159.1
- opensuse•docker&distro=openSUSE Leap 15.3
< 20.10.12_ce-159.1
References (11)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ULRUJXC3YBVKDKJAERWLY6BKJ7U3246G/
- https://bugzilla.suse.com/1191015
- https://bugzilla.suse.com/1191121
- https://bugzilla.suse.com/1191334
- https://bugzilla.suse.com/1191434
- https://bugzilla.suse.com/1193273
- https://www.suse.com/security/cve/CVE-2021-41089
- https://www.suse.com/security/cve/CVE-2021-41091
- https://www.suse.com/security/cve/CVE-2021-41092
- https://www.suse.com/security/cve/CVE-2021-41103
- https://www.suse.com/security/cve/CVE-2021-41190