You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
containerd vulnerability
About this tag
The containerd vulnerability tag covers a specific denial-of-service issue tracked as CVE-2025-64329, which affects the containerd CRI server. This vulnerability allows repeated use of the CRI Attach feature to leak goroutines, steadily increasing the containerd process's memory footprint until host memory is exhausted. The flaw poses a practical DoS risk for clusters and hosts exposing Attach functionality to untrusted users. The containerd team has released fixed versions, and operators are advised to prioritize patching or apply short-term mitigations if immediate upgrades are not possible. This tag is relevant for system administrators and IT professionals managing containerized environments on Windows or Linux hosts.
A newly disclosed vulnerability in the containerd CRI server — tracked as CVE-2025-64329 — allows repeated use of the CRI Attach feature to leak goroutines and steadily increase the containerd process’s memory footprint until the host’s memory is exhausted. The issue, reported to the containerd...