ALAS-2021-1555

Amazon Linux 1 (EOL) Security Advisory: ALAS-2021-1555
Advisory Released Date: 2022-01-20
Advisory Updated Date: 2022-01-20

Severity: Medium

References: CVE-2020-15157
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in containerd. Credentials may be leaked during an image pull. (CVE-2020-15157)

Affected Packages:

containerd

Issue Correction:
Run yum update containerd to update your system.

New Packages:

src:
    containerd-1.3.2-1.3.amzn1.src

x86_64:
    containerd-debuginfo-1.3.2-1.3.amzn1.x86_64
    containerd-stress-1.3.2-1.3.amzn1.x86_64
    containerd-1.3.2-1.3.amzn1.x86_64

Additional References

Red Hat: CVE-2020-15157

Mitre: CVE-2020-15157