containerd has an integer overflow in User ID handling in github.com/containerd/containerd

Overview

Source

OSV

GO-2025-3528

Aliases

CVE-2024-40635

GHSA-265r-hfxg-fhmg

Affected package

github.com/containerd/containerd

github.com/containerd/containerd/v2

Description

containerd has an integer overflow in User ID handling in github.com/containerd/containerd

Impact

Reference links

https://github.com/containerd/containerd/commit/05044ec0a9a75232cad458027ca83437aae3f4da

https://github.com/containerd/containerd/commit/1a43cb6a1035441f9aca8f5666a9b3ef9e70ab20

https://github.com/containerd/containerd/commit/cf158e884cfe4812a6c371b59e4ea9bc4c46e51a

https://github.com/containerd/containerd/security/advisories/GHSA-265r-hfxg-fhmg

https://vuln.go.dev/ID/GO-2025-3528.json

Summary

9.87k

Total packages affected

Packages with at least one version that is affected by the advisory or has an affected dependency.

1.49k

Packages with a known fix

Packages with versions affected by the advisory that have a greater version that is not affected.

0.73%

Total ecosystem affected

The proportion of packages in the ecosystem that are affected by the advisory (fixed or not).

github.com/containerd/containerd

Affected Version: Introduced: 0, Fixed: 1.6.38, Introduced: 1.7.0-beta.0, Fixed: 1.7.27

Patched/Unaffected

v1.6.38

March 17, 2025

v1.7.27

March 17, 2025

Affected

v1.7.26

February 27, 2025

v1.7.25

January 13, 2025

v1.7.25-0.19700101000000-142e855138e3

November 25, 2024

October 15, 2024

September 27, 2024

August 26, 2024

v1.7.21-0.20240730235713-20966044526b

July 31, 2024

July 29, 2024

July 29, 2024

June 27, 2024

May 30, 2024

May 1, 2024

April 5, 2024

v1.7.15-0.20240329193453-0dcf21c1528a

March 29, 2024

March 16, 2024

January 31, 2024

January 12, 2024

December 8, 2023

December 7, 2023

November 18, 2023

October 26, 2023

October 10, 2023

September 12, 2023

August 25, 2023

August 24, 2023

July 28, 2023

June 2, 2023

May 10, 2023

v1.7.1-0.20230829223420-779875a057ff

September 6, 2023

v1.7.1-0.20230718202420-e26b669ba9a9

July 18, 2023

v1.7.1-0.20230706191712-3c250cb508aa

July 7, 2023

v1.7.1-0.20230703133900-330273d2362f

July 3, 2023

v1.7.0

March 10, 2023

v1.7.0-rc.3.0.20230309042526-8cc09e6a71de

v1.7.0-rc.2.0.20230307175103-94cf2f50999c

v1.7.0-rc.1.0.20230302210336-081d81858d65

v1.7.0-rc.0.0.20230227175025-2be87c1a7550

v1.7.0-beta.4.0.20230216180416-8d4f9b6335c1

v1.7.0-beta.3.0.20230128063521-b8962099e7ce

v1.7.0-beta.2.0.20230104184621-ef9c2a689a22

v1.7.0-beta.1.0.20221213052408-7db53e0e8cde

v1.7.0-beta.0.0.20221212180621-2a76a1e78de8

December 12, 2022

v1.7.0-beta.0.0.20221025232920-d878d7dda8d9

February 27, 2025

September 27, 2024

September 3, 2024

July 29, 2024

June 27, 2024

May 30, 2024

April 5, 2024

March 16, 2024

March 8, 2024

January 31, 2024

January 12, 2024

December 8, 2023

November 20, 2023

September 14, 2023

August 15, 2023

July 28, 2023

May 5, 2023

April 30, 2023

February 27, 2023

February 15, 2023

March 8, 2023

January 28, 2023

v1.6.16-0.20230124210447-1709cfe273d9

January 25, 2023

March 8, 2023

December 19, 2022

March 8, 2023

March 7, 2023

December 6, 2022

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

v1.6.3-0.20220401172941-5ff8fce1fcc6

April 1, 2022

v1.6.2

March 8, 2023

v1.6.1

March 8, 2023

v1.6.1-0.20220401213713-9766107a53d9

April 2, 2022

v1.6.1-0.20220322211718-388ee880d23a

April 19, 2022

v1.6.0

March 8, 2023

v1.6.0-rc.4.0.20220210062109-0340e84cde93

v1.6.0-rc.3.0.20220208164226-a9f61ba2c84a

v1.6.0-rc.2.0.20220203165418-943ca856ad70

v1.6.0-rc.1.0.20220128165351-9c676e98dde9

January 29, 2022

v1.6.0-rc.1.0.20220127150749-a43703fcba54

January 28, 2022

v1.6.0-rc.1.0.20220126004311-3f5d789dfb30

January 26, 2022

v1.6.0-rc.1.0.20220120031347-ad771115b82a

v1.6.0-rc.0.0.20220112172229-6e211a774ff0

v1.6.0-beta.5.0.20220106193438-3ccd43c8f685

January 7, 2022

v1.6.0-beta.5.0.20220106171654-857b35de6c6d

v1.6.0-beta.4.0.20211214160527-d0da25cf54f8

v1.6.0-beta.3.0.20211119174132-1a88cf524244

v1.6.0-beta.2.0.20211118163723-aa2733c20207

November 26, 2021

v1.6.0-beta.2.0.20211117185425-a776a27af54a

November 17, 2021

v1.6.0-beta.2.0.20211112054404-aa1b0736165c

November 14, 2021

v1.6.0-beta.2.0.20211111224154-bd81f8a39d85

v1.6.0-beta.1.0.20211101005050-f0d3ea96cf8c

November 5, 2021

v1.6.0-beta.1.0.20211022213938-45c5298700a8

v1.6.0-beta.0.0.20211022154552-fc5c51d5f4eb

October 22, 2021

v1.6.0-beta.0.0.20211011182951-5b29542cbee3

March 8, 2023

March 8, 2023

March 8, 2023

December 6, 2022

October 24, 2022

March 8, 2023

June 3, 2022

v1.5.12-0.20220426184150-3ae69840dbf6

May 2, 2022

March 24, 2022

March 2, 2022

March 8, 2023

November 17, 2021

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

March 8, 2023

May 13, 2021

May 3, 2021

v1.5.0-rc.3.0.20210430031718-df0cc5bd1848

April 30, 2021

v1.5.0-rc.2.0.20210420163742-c3f5a6a93dae

v1.5.0-rc.1.0.20210413152643-f968359ecb3b

v1.5.0-rc.0.0.20210409053044-6636e3618250

v1.5.0-beta.4.0.20210402042452-261c107ffc4f

April 2, 2021

v1.5.0-beta.4.0.20210324020557-31a0f92df1f3

March 24, 2021

v1.5.0-beta.4.0.20210316174528-f201b78b9065

v1.5.0-beta.3.0.20210305053546-02334356d077

v1.5.0-beta.2.0.20210226165227-07a3ce3d7f88

v1.5.0-beta.1.0.20210205215132-cfa842c27869

v1.5.0-beta.0.0.20210122062454-5a66c2ae5cec

January 22, 2021

v1.5.0-beta.0.0.20210121172153-83f8d6126b79

March 2, 2022

November 17, 2021

October 4, 2021

September 29, 2021

July 29, 2021

July 19, 2021

March 8, 2023

May 19, 2021

May 12, 2021

March 5, 2021

March 8, 2023

November 26, 2020

September 16, 2020

v1.4.1-0.20201229174909-9067796ce4c8

December 30, 2020

v1.4.1-0.20201215193253-e922d5553d12

December 16, 2020

v1.4.1-0.20201214195303-23315f8647ee

December 15, 2020

v1.4.1-0.20201211190449-004214808a0a

December 11, 2020

v1.4.1-0.20201208141117-1e624fa3deb4

December 9, 2020

v1.4.1-0.20201204210828-e98d7f8eaafc

December 5, 2020

v1.4.1-0.20201117152358-0edc412565dc

November 17, 2020

v1.4.1-0.20201110220052-687fcd73ec53

November 11, 2020

v1.4.1-0.20201014210714-22aea1e9a7a0

October 14, 2020

v1.4.1-0.20200903181227-d4e78200d6da

September 3, 2020

v1.4.0

August 17, 2020

v1.4.0-rc.1.0.20200811230809-e9f94064b961

v1.4.0-rc.0.0.20200804175707-85b15eff4581

v1.4.0-beta.2.0.20200730150746-fa1220fce33f

August 8, 2020

v1.4.0-beta.2.0.20200729163537-40b22ef07410

July 29, 2020

v1.4.0-beta.2.0.20200728183644-eb6354a11860

July 29, 2020

v1.4.0-beta.2.0.20200722033631-1a571fcf1b0b

July 22, 2020

v1.4.0-beta.2.0.20200713162307-5d470fa23bf9

v1.4.0-beta.1.0.20200615192441-ae2f3fdfd1a4

June 16, 2020

v1.4.0-beta.1.0.20200528154029-8e9ba8376ec2

v1.4.0-beta.0.0.20200514232050-32985949d4f2

March 5, 2021

November 30, 2020

March 8, 2023

August 4, 2020

June 30, 2020

June 26, 2020

April 16, 2020

February 7, 2020

March 8, 2023

November 20, 2019

v1.3.1-0.20200507183255-990076b731ec

May 8, 2020

v1.3.1-0.20200227195959-4d242818bf55

February 28, 2020

v1.3.1-0.20200219222124-986d06785c4a

February 20, 2020

v1.3.1-0.20191213020239-082f7e3aed57

December 13, 2019

v1.3.1-0.20191014053712-acdcf13d5eaf

October 14, 2019

v1.3.1-0.20191007173812-901bcb223146

January 24, 2020

v1.3.0

March 7, 2023

v1.3.0-rc.3.0.20190925122936-da66333271f3

v1.3.0-rc.2.0.20190924150618-aba201344ebf

September 25, 2019

v1.3.0-rc.2.0.20190920004303-a0dafd9309e9

v1.3.0-rc.1.0.20190912204600-9741f03932fb

v1.3.0-rc.0.0.20190904234633-59a625defb21

v1.3.0-beta.2.0.20190828155532-0293cbd26c69

September 10, 2019

v1.3.0-beta.2.0.20190823190603-4a2f61c4f2b4

August 27, 2019

v1.3.0-beta.2.0.20190820170855-640860a042b9

v1.3.0-beta.1.0.20190809132136-f06e605f1aef

v1.3.0-beta.0.0.20190808172034-23faecfb66ab

August 22, 2019

v1.3.0-beta.0.0.20190731202334-053853fe3ffc

March 8, 2023

February 19, 2020

March 8, 2023

April 30, 2023

March 8, 2023

March 9, 2023

August 22, 2019

June 17, 2019

v1.2.7-0.20190510190154-d0319ec44af6

June 22, 2021

April 11, 2019

April 25, 2019

April 25, 2019

June 10, 2019

April 18, 2019

June 24, 2019

v1.2.1-rc.0.0.20181121183049-de1f167ab963

v1.2.1-0.20190510150246-481103c87933

April 25, 2020

v1.2.1-0.20190507210959-7c1e88399ec0

June 27, 2019

v1.2.1-0.20190426060238-3a3f0aac8819

June 26, 2019

v1.2.1-0.20190321141026-ceba56893a76

July 8, 2020

v1.2.1-0.20190214164719-faec567304bb

January 31, 2020

v1.2.1-0.20190212172151-f5b0fa220df8

September 12, 2019

v1.2.0

June 24, 2019

v1.2.0-rc.2.0.20181016180345-d6de12e2f362

v1.2.0-rc.1.0.20181003214326-0c5f8f63c336

v1.2.0-rc.0.0.20180925133938-3bc4ba271e1c

June 22, 2021

v1.2.0-rc.0.0.20180920203058-99fc40fd6088

v1.2.0-beta.2.0.20180915010629-0dc7636c0bcd

June 14, 2019

v1.2.0-beta.2.0.20180828185126-ce243288e279

v1.2.0-beta.1.0.20180823192832-ac18e6008772

v1.2.0-beta.0.0.20180816075740-6f13ff3ea48a

April 30, 2023

April 30, 2023

June 24, 2019

June 24, 2019

June 23, 2019

June 24, 2019

April 25, 2019

June 24, 2019

v1.1.1-rc.2.0.20180627200031-e5fb877b9f6c

v1.1.1-rc.1.0.20180618184725-cbef57047e90

v1.1.1-rc.0.0.20180531235051-395068d2b725

v1.1.1-0.20180706181834-b41633746ed4

September 4, 2019

v1.1.0

June 24, 2019

v1.1.0-rc.2.0.20180413230405-f630d5f0a639

v1.1.0-rc.1.0.20180405001410-2bc17ef2cbff

v1.1.0-rc.0.0.20180327161904-7833fb49fdb0

v1.0.3

March 8, 2023

v1.0.3-rc.0.0.20180329172358-2b3b44fd7d1c

v1.0.2

April 17, 2019

v1.0.2-rc.1.0.20180206194959-53aaa89850e8

v1.0.2-rc.0.0.20180130231502-8b098d036b71

v1.0.1

June 24, 2019

v1.0.1-rc.0.0.20180111194836-1549ddad67ad

v1.0.0

June 28, 2019

v1.0.0-rc.0.0.20171201003522-08f179386e13

v1.0.0-beta.3.0.20171108192226-2b8ed96d2a42

v1.0.0-beta.2.0.20171012010950-a543c937eb0a

v1.0.0-beta.1.0.20170922204455-20c621178a5f

v1.0.0-beta.0.0.20170906232613-d0457b221369

v1.0.0-alpha6.0.20170823223613-f05281743e5a

v1.0.0-alpha5.0.20170817231637-b2ee0ab34eaf

v1.0.0-alpha4.0.20170810221814-56d499e114cd

v1.0.0-alpha3.0.20170802231211-0fa76584f836

v1.0.0-alpha2.0.20170726224524-856b03843737

v1.0.0-alpha1.0.20170719232339-0b3e572b8528

v1.0.0-alpha0.0.20170713002203-8eadcb8c2899

June 24, 2019

June 24, 2019

June 26, 2019

June 24, 2019

June 27, 2019

June 24, 2019

June 26, 2019

June 24, 2019

June 23, 2019

June 24, 2019

June 24, 2019

github.com/containerd/containerd/v2

Affected Version: Introduced: 0, Fixed: 2.0.4

Patched/Unaffected

v2.0.4

March 17, 2025

v2.1.0-beta.0.0.19700101000000-52f02c3aa1e7

v2.1.0-beta.0.0.19700101000000-b430e5ac3acc

Affected

February 28, 2025

January 14, 2025

December 14, 2024

November 5, 2024

v2.0.0-rc.6.0.20241024002341-b70cce208580

v2.0.0-rc.5.0.20241018153820-b291eb802b2d

October 19, 2024

v2.0.0-rc.5.0.20241001152019-05ee43a5fd67

v2.0.0-rc.4.0.20240827163352-fa5bf66fdff4

v2.0.0-rc.3.0.20240820000727-e8104a485884

August 20, 2024

v2.0.0-rc.3.0.20240614132127-27de5fea738a

v2.0.0-rc.2.0.20240529204753-080d35b9ea94

June 16, 2024

v2.0.0-rc.2.0.20240517183130-28b77e33ade2

v2.0.0-rc.1.0.20240506161247-114ef7583363

May 20, 2024

v2.0.0-rc.1.0.20240423213224-2d19e9b47301

v2.0.0-rc.0.0.20240319014611-93022d83d14a

v2.0.0-beta.2.0.20240129170054-4f3a026bceb6

v2.0.0-beta.1.0.20240119211341-6f44916e60a3

v2.0.0-beta.0.0.20231106172129-de55dfc0f184