Описание
Security update for runc
This update for runc fixes the following issues:
- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232).
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).
Update to runc v1.2.7.
- Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.2.7
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
runc-1.2.7-16.67.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
runc-1.2.7-16.67.1
Ссылки
- Link for SUSE-SU-2025:3951-1
- E-Mail link for SUSE-SU-2025:3951-1
- SUSE Security Ratings
- SUSE Bug 1252232
- SUSE CVE CVE-2025-31133 page
- SUSE CVE CVE-2025-52565 page
- SUSE CVE CVE-2025-52881 page
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1
Ссылки
- CVE-2025-31133
- SUSE Bug 1252232
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1
Ссылки
- CVE-2025-52565
- SUSE Bug 1252232
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1
Ссылки
- CVE-2025-52881
- SUSE Bug 1252232