CVE-2026-53492

NameCVE-2026-53492
Descriptioncontainerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface (CDI) annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a checkpoint, containerd preserves CDI-related annotations from the checkpoint archive rather than relying solely on the pod's create-time specification. This allows a user with pod creation permissions to bypass standard Kubernetes resource allocation and device plugin enforcement, injecting arbitrary CDI edits (such as device nodes and host mounts) into the restored container. Successful exploitation requires that the node has CDI enabled and contains a matching host CDI specification for the requested device; environments where CDI is disabled or lacking sensitive device specifications are not affected. This issue has been fixed in versions 2.3.2, 2.2.5 and 2.1.9.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1140385

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
containerd (PTS)bullseye1.4.13~ds1-1~deb11u4fixed
bullseye (security)1.4.13~ds1-1~deb11u6fixed
bookworm1.6.20~ds1-1+deb12u3fixed
bookworm (security)1.6.20~ds1-1+deb12u2fixed
trixie (security), trixie1.7.24~ds1-6+deb13u1fixed
forky, sid2.1.9+ds1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
containerdsourcebullseye(not affected)
containerdsourcebookworm(not affected)
containerdsourcetrixie(not affected)
containerdsource(unstable)2.1.9+ds1-11140385

Notes

[trixie] - containerd <not-affected> (Vulnerable code not present, only affects 2.x)
[bookworm] - containerd <not-affected> (Vulnerable code not present, only affects 2.x)
[bullseye] - containerd <not-affected> (Vulnerable code not present, only affects 2.x)
https://github.com/containerd/containerd/security/advisories/GHSA-33vj-92qq-66hc

Search for package or bug name: Reporting problems