Количество 21
Количество 21
CVE-2025-52565
runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_patter...
CVE-2025-52565
runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern`
CVE-2025-52565
container escape due to /dev/console mount and related races
CVE-2025-52565
runc is a CLI tool for spawning and running containers according to th ...
GHSA-qw9x-cqr3-wc7r
runc container escape with malicious config due to /dev/console mount and related races
BDU:2025-14042
Уязвимость инструмента для запуска изолированных контейнеров runc, связанная с состоянием гонки, разрешающим отслеживание ссылок, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
ROS-20251217-7301
Уязвимость runc
openSUSE-SU-2025:20072-1
Security update for runc
SUSE-SU-2025:4081-1
Security update for podman
SUSE-SU-2025:4080-1
Security update for podman
SUSE-SU-2025:4079-1
Security update for podman
SUSE-SU-2025:4077-1
Security update for runc
SUSE-SU-2025:4073-2
Security update for runc
SUSE-SU-2025:4073-1
Security update for runc
SUSE-SU-2025:3951-1
Security update for runc
SUSE-SU-2025:3950-1
Security update for runc
RLSA-2025:21232
Important: container-tools:rhel8 security update
RLSA-2025:20957
Important: runc security update
ELSA-2025-21232
ELSA-2025-21232: container-tools:rhel8 security update (IMPORTANT)
ELSA-2025-20957
ELSA-2025-20957: runc security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-52565 runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_patter... | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
 | CVE-2025-52565 runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
 | CVE-2025-52565 container escape due to /dev/console mount and related races | 0% Низкий | около 2 месяцев назад | |
| CVE-2025-52565 runc is a CLI tool for spawning and running containers according to th ... | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
| GHSA-qw9x-cqr3-wc7r runc container escape with malicious config due to /dev/console mount and related races | 0% Низкий | 2 месяца назад | |
 | BDU:2025-14042 Уязвимость инструмента для запуска изолированных контейнеров runc, связанная с состоянием гонки, разрешающим отслеживание ссылок, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
 | ROS-20251217-7301 Уязвимость runc | CVSS3: 6.3 | 0% Низкий | около 1 месяца назад |
 | openSUSE-SU-2025:20072-1 Security update for runc | около 2 месяцев назад | ||
| SUSE-SU-2025:4081-1 Security update for podman | 2 месяца назад | ||
| SUSE-SU-2025:4080-1 Security update for podman | 2 месяца назад | ||
| SUSE-SU-2025:4079-1 Security update for podman | 2 месяца назад | ||
| SUSE-SU-2025:4077-1 Security update for runc | 2 месяца назад | ||
| SUSE-SU-2025:4073-2 Security update for runc | около 2 месяцев назад | ||
| SUSE-SU-2025:4073-1 Security update for runc | 2 месяца назад | ||
| SUSE-SU-2025:3951-1 Security update for runc | 2 месяца назад | ||
| SUSE-SU-2025:3950-1 Security update for runc | 2 месяца назад | ||
 | RLSA-2025:21232 Important: container-tools:rhel8 security update | около 2 месяцев назад | ||
| RLSA-2025:20957 Important: runc security update | около 2 месяцев назад | ||
| ELSA-2025-21232 ELSA-2025-21232: container-tools:rhel8 security update (IMPORTANT) | 2 месяца назад | ||
| ELSA-2025-20957 ELSA-2025-20957: runc security update (IMPORTANT) | около 2 месяцев назад |
Уязвимостей на страницу