SUSE-SU-2023:1827-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2023-25153 CVE-2023-25173

Published: 13 Apr 2023, 08:18

Last modified:02 May 2025, 04:34

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 Apr 2023, 08:18

Published

Vulnerability first disclosed

02 May 2025, 04:34

Last Modified

Vulnerability information updated

Description

Security update for containerd This update for containerd fixes the following issues: Update to containerd v1.6.19: Security fixes: - CVE-2023-25153: Fixed OCI image importer memory exhaustion (bnc#1208423). - CVE-2023-25173: Fixed supplementary groups not set up properly (bnc#1208426).

Affected Systems

opensuse•containerd&distro=openSUSE Leap 15.4
< 1.6.19-150000.87.1
opensuse•containerd&distro=openSUSE Leap Micro 5.3
< 1.6.19-150000.87.1
suse•containerd&distro=SUSE Linux Enterprise Micro 5.1
< 1.6.19-150000.87.1
suse•containerd&distro=SUSE Linux Enterprise Micro 5.2
< 1.6.19-150000.87.1
suse•containerd&distro=SUSE Linux Enterprise Micro 5.3
< 1.6.19-150000.87.1
suse•containerd&distro=SUSE Linux Enterprise Micro 5.4
< 1.6.19-150000.87.1
suse•containerd&distro=SUSE Linux Enterprise Module for Containers 15 SP4
< 1.6.19-150000.87.1

SUSE-SU-2023:1827-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)