VDB

GCVE-VVD-MAGEIA-2021-484

GCVE-VVD-MAGEIA-2021-484
Advisory Published
Vulnetix · Advisory published October 23, 2021
A bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiadocker-containerd0 (affected), 1.5.7-1.mga8 (unaffected)

References

Updated docker-containerd packages fix security vulnerability
advisory
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
issue
Updated docker-containerd packages fix security vulnerability
advisory
Updated docker-containerd packages fix security vulnerability
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›