{"id":"USN-8473-1","summary":"containerd-stable vulnerabilities","details":"It was discovered that containerd incorrectly handled HTTP/2 SETTINGS\nframes. A remote attacker could possibly use this issue to cause containerd\nto enter an infinite loop, resulting in a denial of service. (CVE-2026-33814)\n\nJakub Ciolek and Kyle Elliott discovered that containerd incorrectly\nhandled group parsing when creating containers from images. An attacker\ncould possibly use this issue to cause containerd to consume excessive\nmemory, resulting in a denial of service. (CVE-2026-47262)\n\nHenry Beberman and Robert Prast discovered that containerd incorrectly\nvalidated image references when importing container checkpoints. An\nattacker could possibly use this issue to poison the local image cache and\nexecute arbitrary code in other pods. (CVE-2026-50195)\n\nRobert Prast discovered that containerd incorrectly propagated labels\nfrom image configurations to containers. An attacker could possibly use\nthis issue to execute arbitrary code on the host. (CVE-2026-53488)\n\nYuming Zhang, Song Li, Sangwon Ryu, Henry Beberman, Robert Prast, Kyle\nElliott and Zhenchen Wang discovered that containerd incorrectly validated\nsymlinked paths when restoring container checkpoints. An attacker could\npossibly use this issue to read arbitrary files on the host, resulting in\ninformation disclosure. (CVE-2026-53489)\n\nRobert Prast discovered that containerd incorrectly trusted device\ninterface annotations when restoring container checkpoints. An attacker\ncould possibly use this issue to bypass resource allocation restrictions\nand inject devices or host mounts into a container. (CVE-2026-53492)","modified":"2026-06-25T19:29:20.714541402Z","published":"2026-06-25T13:14:07Z","related":["UBUNTU-CVE-2026-33814","UBUNTU-CVE-2026-47262","UBUNTU-CVE-2026-50195","UBUNTU-CVE-2026-53488","UBUNTU-CVE-2026-53489","UBUNTU-CVE-2026-53492"],"upstream":["CVE-2026-33814","CVE-2026-47262","CVE-2026-50195","CVE-2026-53488","CVE-2026-53489","CVE-2026-53492","UBUNTU-CVE-2026-33814","UBUNTU-CVE-2026-47262","UBUNTU-CVE-2026-50195","UBUNTU-CVE-2026-53488","UBUNTU-CVE-2026-53489","UBUNTU-CVE-2026-53492"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8473-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-33814"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-47262"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-50195"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-53488"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-53489"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-53492"}],"affected":[{"package":{"name":"containerd-stable","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/containerd-stable?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.6-0ubuntu1~25.10.2"}]}],"versions":["2.1.3-0ubuntu1","2.1.6-0ubuntu1~25.10.1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.1.6-0ubuntu1~25.10.2","binary_name":"containerd-stable"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2026-33814","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-47262"},{"severity":[{"score":"high","type":"Ubuntu"}],"id":"CVE-2026-50195"},{"id":"CVE-2026-53488","severity":[{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2026-53489","severity":[{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2026-53492","severity":[{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:25.10"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8473-1.json"}},{"package":{"name":"containerd-stable","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/containerd-stable?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.2-0ubuntu1.1"}]}],"versions":["2.1.3-0ubuntu1","2.1.5-0ubuntu1","2.2.1-0ubuntu1","2.2.2-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.2.2-0ubuntu1.1","binary_name":"containerd-stable"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8473-1.json","cves_map":{"cves":[{"id":"CVE-2026-33814","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-47262"},{"severity":[{"score":"high","type":"Ubuntu"}],"id":"CVE-2026-50195"},{"id":"CVE-2026-53488","severity":[{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2026-53489","severity":[{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2026-53492","severity":[{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:26.04:LTS"}}}],"schema_version":"1.7.5"}