containerd fuzzing audit

Adam Korczynski <Adam@...>

Hello all,

containerd recently completed their fuzzing audit which resulted in a comprehensive fuzzing suite running continuously by way of OSS-Fuzz and in the CI covering multiple critical parts of the code base. The fuzzers found 4 issues, including a memory-exhaustion vulnerability of moderate severity.

You can read more about the audit in this blog post:

Many other projects have completed fuzzing audits, including Vitess, Argo, Kubernetes, Cluster-API, Cilium. You can read more about fuzzing the CNCF landscape here:

If you wish to have a fuzzing audit carried out for your CNCF-hosted project, please reach out to the CNCF.

Kind regards,
Adam Korczynski
Security Engineer, Ada Logics

ADA Logics Ltd is registered in England. No: 11624074.
Registered office: 266 Banbury Road, Post Box 292,
OX2 7DL, Oxford, Oxfordshire , United Kingdom