• Bug#1103165: [SECURITY] [PATCH] Fix for CVE-2024-40635 in containerd

    From Salvatore Bonaccorso@21:1/5 to Mostafa on Tue Apr 15 09:20:01 2025
    Hi,

    On Mon, Apr 14, 2025 at 06:29:36PM +0000, Amin, Mostafa wrote:
    Package: containerd
    Version: 1.6.20~ds1-1+deb12u1
    Severity: important
    Tags: security patch
    User: team@security.debian.org
    Usertags: CVE-2024-40635

    Dear Maintainer,

    I'm submitting a patch for CVE-2024-40635 in the containerd package.

    Vulnerability details:
    - CVE ID: CVE-2024-40635
    - Description: Integer overflow in UID/GID handling allows containers to run as root
    - Affected versions: All versions prior to 1.6.38, 1.7.27, and 2.0.4
    - Fixed upstream in: https://github.com/containerd/containerd/commit/11504c3fc5f45634f2d93d57743a998194430b82

    The vulnerability allows containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer to cause an overflow condition where the container ultimately runs as root (UID 0).

    My patch adds validation for UID/GID values to prevent integer overflow, backported from the upstream fix. I've tested the patch and confirmed it correctly rejects values larger than MaxInt32.

    The patch has been tested on Debian bookworm and works correctly.

    Thank you for considering this contribution.

    A bug for this issue has already been filed (please double-check the BTS next
    time), I'm merging both reports.

    Regards,
    Salvatore
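    As an added illustration of the check the report describes (this is not the submitted Debian patch or containerd's own code, and the function names are assumed), a minimal Go parser for a "uid:gid" string: the unchecked variant accepts any 32-bit value and shows how such a value changes sign when later narrowed to a signed 32-bit type, while the checked variant rejects anything above MaxInt32 as the patch does.

```go
package main

import (
	"fmt"
	"math"
	"strconv"
	"strings"
)

// parseIDUnchecked accepts any value that fits in 32 unsigned bits, so a
// value above math.MaxInt32 passes through and is left to overflow later.
func parseIDUnchecked(s string) (uint32, error) {
	v, err := strconv.ParseUint(s, 0, 32)
	if err != nil {
		return 0, err
	}
	return uint32(v), nil
}

// wrapsToSigned shows what a signed 32-bit conversion does to such a value:
// 2147483648 becomes -2147483648, i.e. the id silently changes meaning.
func wrapsToSigned(id uint32) int32 { return int32(id) }

// parseIDChecked is the validated form: reject anything above MaxInt32.
func parseIDChecked(s string) (uint32, error) {
	v, err := strconv.ParseUint(s, 0, 32)
	if err != nil {
		return 0, err
	}
	if v > math.MaxInt32 {
		return 0, fmt.Errorf("id %d exceeds MaxInt32 (%d)", v, math.MaxInt32)
	}
	return uint32(v), nil
}

// ParseUser parses "uid[:gid]" with the checked parser; gid defaults to uid.
func ParseUser(user string) (uid, gid uint32, err error) {
	parts := strings.SplitN(user, ":", 2)
	if uid, err = parseIDChecked(parts[0]); err != nil {
		return 0, 0, err
	}
	gid = uid
	if len(parts) == 2 {
		if gid, err = parseIDChecked(parts[1]); err != nil {
			return 0, 0, err
		}
	}
	return uid, gid, nil
}

func main() {
	// Constructed input: one more than MaxInt32.
	u, _ := parseIDUnchecked("2147483648")
	fmt.Println(u, wrapsToSigned(u)) // accepted, then wraps negative
	_, _, err := ParseUser("2147483648:0")
	fmt.Println(err) // rejected by the checked parser
}
```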
