Test ID:	1.3.6.1.4.1.25623.1.0.705002
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-5002-1)
Summary:	The remote host is missing an update for the Debian 'containerd' package(s) announced via the DSA-5002-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'containerd' package(s) announced via the DSA-5002-1 advisory. Vulnerability Insight: A flaw was discovered in containerd, an open and reliable container runtime. Insufficiently restricted permissions on container root and plugin directories could result in privilege escalation. For the stable distribution (bullseye), this problem has been fixed in version 1.4.5~ ds1-2+deb11u1. We recommend that you upgrade your containerd packages. For the detailed security status of containerd please refer to its security tracker page at: [link moved to references] Affected Software/OS: 'containerd' package(s) on Debian 11. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-41103 https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq Debian Security Information: DSA-5002 (Google Search) https://www.debian.org/security/2021/dsa-5002 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ https://security.gentoo.org/glsa/202401-31 https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.