Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Files sdnoverlay.exe and sdnbridge.exe are reported as malicious software #9973

Open
itwpcs opened this issue Mar 19, 2024 · 0 comments
Open
Labels

Comments

@itwpcs
Copy link

itwpcs commented Mar 19, 2024

Description

After downloading the windows release cri-containerd-cni-1.7.11-windows-amd64.tar.gz the antivirus reports the files

.\cni\bin\sdnoverlay.exe
.\cni\bin\sdnbridge.exe

als malicious software. For double check, if the file was uploaded to www.virustotal.com, they say that 43 / 72 of their security vendors analysis complain this as malicious.
Screenshot:
image

As other example for a newer release, uploading windows relase cri-containerd-cni-1.7.14-windows-amd64.tar.gz to www.virustotal.com, this reports only on 5 / 72 of their security vendors analysis as malicious.

So is this a false positive and can be added to exclusions, or is this really malicious?

Steps to reproduce the issue

  1. Download https://github.com/containerd/containerd/releases/download/v1.7.11/cri-containerd-cni-1.7.11-windows-amd64.tar.gz
  2. Extract tar.gz (and afterwards .zip)
  3. Enable Antivirus Software (in my case TrendMicro) or Upload file to www.virustotal.com

Describe the results you received and expected

The result is, that the file was quarantined by antivirus software.
Expected behavior is, that antivirus software should not complain.

What version of containerd are you using?

1.7.11

Any other relevant information

No response

Show configuration if it is related to CRI plugin.

No response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant