Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-7p9f-6x8j-gxxp

GitHub Security Advisory

CRI-O: Maliciously structured checkpoint file can gain arbitrary node access

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact

### Patches
1.31.1, 1.30.6, 1.29.8

### Workarounds
set `enable_criu_support = false`

### References
_Are there any links users can visit to find out more?_

Affected Packages

Go github.com/cri-o/cri-o
Affected versions: 0 (fixed in 1.29.11)
Go github.com/cri-o/cri-o
Affected versions: 1.30.0 (fixed in 1.30.8)
Go github.com/cri-o/cri-o
Affected versions: 1.31.0 (fixed in 1.31.3)

Related CVEs

CVE-2024-8676

Key Information

GHSA ID
GHSA-7p9f-6x8j-gxxp
Published
November 26, 2024 9:50 PM
Last Modified
May 1, 2025 1:31 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/cri-o/cri-o
GitHub Reviewed
✓ Yes

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.