CVE-2024-40635

{"id": "CVE-2024-40635", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-03-17T22:15:13.150", "references": [{"url": "https://github.com/containerd/containerd/commit/05044ec0a9a75232cad458027ca83437aae3f4da", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/containerd/containerd/commit/1a43cb6a1035441f9aca8f5666a9b3ef9e70ab20", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/containerd/containerd/commit/cf158e884cfe4812a6c371b59e4ea9bc4c46e51a", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/containerd/containerd/security/advisories/GHSA-265r-hfxg-fhmg", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00005.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.04. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images."}, {"lang": "es", "value": "Containerd es un entorno de ejecuci\u00f3n de contenedores de c\u00f3digo abierto. Se detect\u00f3 un error en containerd anterior a las versiones 1.6.38, 1.7.27 y 2.0.4. Al iniciar contenedores con un usuario definido como `UID:GID` mayor que el entero con signo de 32 bits m\u00e1ximo, se pod\u00eda producir un desbordamiento, lo que provocaba que el contenedor se ejecutara como root (UID 0). Esto pod\u00eda causar un comportamiento inesperado en entornos que requieren que los contenedores se ejecuten como un usuario no root. Este error se ha corregido en containerd 1.6.38, 1.7.27 y 2.04. Como workaround, aseg\u00farese de que solo se utilicen im\u00e1genes de confianza y de que solo los usuarios de confianza tengan permisos para importar im\u00e1genes."}], "lastModified": "2025-10-02T01:51:43.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DAC1B0C-7AA3-44E0-82C8-DD011D4828B2", "versionEndExcluding": "1.6.38"}, {"criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B74E01C-674C-44D4-8812-8B52B9BD4914", "versionEndExcluding": "1.7.27", "versionStartIncluding": "1.7.0"}, {"criteria": "cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1E98592-3790-4370-8C6C-4457DB5D3983", "versionEndExcluding": "2.0.4", "versionStartIncluding": "2.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}