Multiple Vulnerabilities in containerd Affecting Ubuntu Systems

Multiple Vulnerabilities in containerd Affecting Ubuntu Systems

First seen 25 Jun 2026, 16:06 UTC UbuntuLinuxsecurity 95% similarity 72.5
Share:

Article Content

Browse articles
ThreatCluster

On June 25, 2026, several vulnerabilities in containerd were disclosed, affecting various Ubuntu LTS versions. Key issues include improper handling of HTTP/2 SETTINGS frames (CVE-2026-33814), which can lead to denial of service, and incorrect group parsing during container creation (CVE-2026-47262), resulting in excessive memory consumption. Additionally, vulnerabilities allowing arbitrary code execution through image reference validation (CVE-2026-50195) and label propagation (CVE-2026-53488) were reported. These vulnerabilities impact Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04, 25.10, and 26.04 LTS versions. The issues were confirmed by multiple researchers, including Jakub Ciolek and Robert Prast. Users are advised to update their systems to mitigate these risks. The vulnerabilities were published on May 7, 2026.

Key Points: • Multiple vulnerabilities in containerd affect various Ubuntu LTS versions. • CVE-2026-33814 can lead to denial of service through HTTP/2 SETTINGS frame mishandling. • Arbitrary code execution risks exist due to improper image reference validation and label propagation.

ThreatCluster AI

Timeline

2026-05-07
CVE-2026-33814 published
A vulnerability in containerd was published, allowing denial of service via HTTP/2 SETTINGS frames.
Ubuntu
2026-06-25
Multiple vulnerabilities disclosed
Several vulnerabilities in containerd were disclosed, affecting multiple Ubuntu LTS versions.
Linuxsecurity
2026-06-25
Advisories published for affected systems
Ubuntu published advisories USN-8471, USN-8472, and USN-8473 detailing vulnerabilities in containerd.
Ubuntu

Extracted Entities

1 / 2

Community

Browse all →