CVE-2025-52565 (GCVE-0-2025-52565)
Vulnerability from cvelistv5
| Vendor | Product | Version |
|---|---|---|
| opencontainers | runc | >= 1.0.0-rc3, < 1.2.8; >= 1.3.0-rc.1, < 1.3.3; >= 1.4.0-rc.1, < 1.4.0-rc.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T21:32:07.457681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T21:32:19.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "runc",
"vendor": "opencontainers",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0-rc3, \u003c 1.2.8"
},
{
"status": "affected",
"version": "\u003e= 1.3.0-rc.1, \u003c 1.3.3"
},
{
"status": "affected",
"version": "\u003e= 1.4.0-rc.1, \u003c 1.4.0-rc.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can lead to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-363",
"description": "CWE-363: Race Condition Enabling Link Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:02:58.513Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
},
{
"name": "https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4"
},
{
"name": "https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398"
},
{
"name": "https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e"
},
{
"name": "https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d"
},
{
"name": "https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a"
},
{
"name": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
},
{
"name": "https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8"
},
{
"name": "https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"
}
],
"source": {
"advisory": "GHSA-qw9x-cqr3-wc7r",
"discovery": "UNKNOWN"
},
"title": "container escape due to /dev/console mount and related races"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-52565",
"datePublished": "2025-11-06T20:02:58.513Z",
"dateReserved": "2025-06-18T03:55:52.036Z",
"dateUpdated": "2025-11-06T21:32:19.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-52565\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-11-06T20:15:49.240\",\"lastModified\":\"2025-11-06T20:15:49.240\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). 
This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-61\"},{\"lang\":\"en\",\"value\":\"CWE-363\"}]}],\"references\":[{\"url\":\"https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2b
f143b4\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-52565\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-06T21:32:07.457681Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-06T21:32:12.507Z\"}}], \"cna\": {\"title\": \"container escape due to /dev/console mount and related races\", \"source\": {\"advisory\": \"GHSA-qw9x-cqr3-wc7r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"opencontainers\", \"product\": \"runc\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.0.0-rc3, \u003c 1.2.8\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.3.0-rc.1, \u003c 1.3.3\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.4.0-rc.1, \u003c 1.4.0-rc.3\"}]}], \"references\": [{\"url\": \"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r\", \"name\": \"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4\", \"name\": 
\"https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398\", \"name\": \"https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e\", \"name\": \"https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d\", \"name\": \"https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a\", \"name\": \"https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\", \"name\": \"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8\", \"name\": \"https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480\", \"name\": \"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"runc is a CLI tool for spawning and running containers according to the OCI specification. 
Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-61\", \"description\": \"CWE-61: UNIX Symbolic Link (Symlink) Following\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-363\", \"description\": \"CWE-363: Race Condition Enabling Link Following\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-11-06T20:02:58.513Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-52565\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T21:32:19.129Z\", \"dateReserved\": \"2025-06-18T03:55:52.036Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-11-06T20:02:58.513Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
opensuse-su-2025:15705-1
Vulnerability from csaf_opensuse
Notes
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "runc-1.3.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the runc-1.3.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15705",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15705-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "runc-1.3.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-05T00:00:00Z",
"generator": {
"date": "2025-11-05T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15705-1",
"initial_release_date": "2025-11-05T00:00:00Z",
"revision_history": [
{
"date": "2025-11-05T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.aarch64",
"product": {
"name": "runc-1.3.3-1.1.aarch64",
"product_id": "runc-1.3.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.ppc64le",
"product": {
"name": "runc-1.3.3-1.1.ppc64le",
"product_id": "runc-1.3.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.s390x",
"product": {
"name": "runc-1.3.3-1.1.s390x",
"product_id": "runc-1.3.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.x86_64",
"product": {
"name": "runc-1.3.3-1.1.x86_64",
"product_id": "runc-1.3.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64"
},
"product_reference": "runc-1.3.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le"
},
"product_reference": "runc-1.3.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.s390x"
},
"product_reference": "runc-1.3.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
},
"product_reference": "runc-1.3.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
rhsa-2025:19927
Vulnerability from csaf_redhat
Notes
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for runc is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nSecurity Fix(es):\n\n* runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions (CVE-2025-31133)\n\n* runc: container escape with malicious config due to /dev/console mount and related races (CVE-2025-52565)\n\n* runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19927",
"url": "https://access.redhat.com/errata/RHSA-2025:19927"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2404705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404705"
},
{
"category": "external",
"summary": "2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19927.json"
}
],
"title": "Red Hat Security Advisory: runc security update",
"tracking": {
"current_release_date": "2025-11-08T00:23:45+00:00",
"generator": {
"date": "2025-11-08T00:23:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:19927",
"initial_release_date": "2025-11-07T18:11:41+00:00",
"revision_history": [
{
"date": "2025-11-07T18:11:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-07T18:11:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-08T00:23:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-4:1.2.5-3.el9_6.src",
"product": {
"name": "runc-4:1.2.5-3.el9_6.src",
"product_id": "runc-4:1.2.5-3.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.5-3.el9_6?arch=src\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-4:1.2.5-3.el9_6.aarch64",
"product": {
"name": "runc-4:1.2.5-3.el9_6.aarch64",
"product_id": "runc-4:1.2.5-3.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.5-3.el9_6?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"product": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"product_id": "runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.5-3.el9_6?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"product": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"product_id": "runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.5-3.el9_6?arch=aarch64\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-4:1.2.5-3.el9_6.ppc64le",
"product": {
"name": "runc-4:1.2.5-3.el9_6.ppc64le",
"product_id": "runc-4:1.2.5-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.5-3.el9_6?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"product": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"product_id": "runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.5-3.el9_6?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"product": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"product_id": "runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.5-3.el9_6?arch=ppc64le\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-4:1.2.5-3.el9_6.x86_64",
"product": {
"name": "runc-4:1.2.5-3.el9_6.x86_64",
"product_id": "runc-4:1.2.5-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.5-3.el9_6?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.5-3.el9_6.x86_64",
"product": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.x86_64",
"product_id": "runc-debugsource-4:1.2.5-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.5-3.el9_6?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"product": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"product_id": "runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.5-3.el9_6?arch=x86_64\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-4:1.2.5-3.el9_6.s390x",
"product": {
"name": "runc-4:1.2.5-3.el9_6.s390x",
"product_id": "runc-4:1.2.5-3.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.5-3.el9_6?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.5-3.el9_6.s390x",
"product": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.s390x",
"product_id": "runc-debugsource-4:1.2.5-3.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.5-3.el9_6?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"product": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"product_id": "runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.5-3.el9_6?arch=s390x\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.5-3.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64"
},
"product_reference": "runc-4:1.2.5-3.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.5-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le"
},
"product_reference": "runc-4:1.2.5-3.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.5-3.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x"
},
"product_reference": "runc-4:1.2.5-3.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.5-3.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src"
},
"product_reference": "runc-4:1.2.5-3.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.5-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64"
},
"product_reference": "runc-4:1.2.5-3.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64"
},
"product_reference": "runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le"
},
"product_reference": "runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x"
},
"product_reference": "runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.5-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64"
},
"product_reference": "runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64"
},
"product_reference": "runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le"
},
"product_reference": "runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x"
},
"product_reference": "runc-debugsource-4:1.2.5-3.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.5-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
},
"product_reference": "runc-debugsource-4:1.2.5-3.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:17:18.235000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404705"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container\u0027s /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "RHBZ#2404705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404705"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-07T18:11:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19927"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix\nDAC and thus user namespaces stop a container process from being able to write to them.\n\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n\n* Depending on the maskedPath configuration (the default configuratio nonly masks paths in /proc and /sys), using an AppArmor that blocks unexpectedwrites to any maskedPaths (as is the case with the defaultprofile used by Docker and Podman) will block attempts to exploit this issue. However, CVE-2025-52881 allows an attacker to bypass LSMlabels, and so this mitigation is not helpful when considered incombination with CVE-2025-52881.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-07T18:11:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19927"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-07T18:11:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19927"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:runc-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debuginfo-4:1.2.5-3.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:runc-debugsource-4:1.2.5-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
}
]
}
fkie_cve-2025-52565
Vulnerability from fkie_nvd
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r |
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3."
}
],
"id": "CVE-2025-52565",
"lastModified": "2025-11-06T20:15:49.240",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T20:15:49.240",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Received",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-61"
},
{
"lang": "en",
"value": "CWE-363"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
ghsa-qw9x-cqr3-wc7r
Vulnerability from github
Impact
This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of /dev/pts/$n to /dev/console as configured for all containers that allocate a console).
In runc version 1.0.0-rc3 and later, due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This happens after pivot_root(2), so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can lead to denial of service of the host or a container breakout by providing the attacker with a writable copy of /proc/sysrq-trigger or /proc/sys/kernel/core_pattern (respectively).
The attacker can gain write access to these files because the /dev/console bind-mount happens before maskedPaths and readonlyPaths are applied.
Additional Findings
While investigating this issue, runc discovered some other theoretical issues that may or may not be exploitable, as well as taking the opportunity to fix some fairly well-known issues related to consoles.
Issue 1: Problematic Usage of os.Create
Go provides an os.Create function for creating files, which older code in runc (dating back to the original libcontainer from the early 2010s) had a tendency to use fairly liberally. os.Create implies O_CREAT|O_TRUNC but by design it does not apply O_NOFOLLOW nor O_EXCL, meaning if the target is swapped with a malicious symlink runc can be tricked into truncating host files (which can lead to denial of service attacks, among other concerns).
Runc conducted an audit of all os.Create usages in runc and found some suspicious usages related to device inodes, but based on runc's testing these were not exploitable in practice. Runc now has custom code lints to block any os.Create usage in runc, and plans to do a further audit of any other plain os.* operation usage throughout runc after this advisory becomes public.
CVE-2024-45310 was a similar attack but without the O_TRUNC component (which resulted in a "Low" severity) -- a similar attack being exploitable would've been much more severe.
Issue 2: Malicious /dev/pts/$n Inode Attacks (TIOCGPTPEER)
The (very) classic API for constructing consoles involves first opening /dev/ptmx for reading and writing. This allocates a new pseudo-terminal and the returned file descriptor is the "master" end (which is used by higher-level runtimes to do I/O with the container).
Traditionally, in order to get the "slave" end, you do ioctl(ptm, TIOCGPTN) to get the pseudo-terminal number and then open the file in /dev/pts/ whose name is the base-10 representation of the number returned by TIOCGPTN. The naive way of doing this is vulnerable to very basic race attacks where /dev/pts/$n is replaced with a different pseudo-terminal or other malicious file.
In order to provide a mechanism to mitigate this risk, Aleksa Sarai (@cyphar from SUSE) implemented TIOCGPTPEER back in 2017 to provide a race-free way of doing the last TIOCGPTN step by opening the peer end of the pseudo-terminal directly. However, at the time it was believed to be too impractical to implement this protection in runc due to its no-monitor-process architecture (unlike runtimes like LXC which made use of TIOCGPTPEER almost immediately). While working on this advisory, runc found a way to make TIOCGPTN usage on pre-4.13 kernels still safe against race attacks and so have implemented both TIOCGPTPEER support as well as safe TIOCGPTN support as a fallback.
Another possible target of attack would be replacing /dev/ptmx or /dev/pts/ptmx with a different inode and tricking runc into trying to operate on it. This is very similar to the core issue in CVE-2025-31133 and had a similar solution.
Runc's analysis was that while this attack appears to be potentially problematic in theory, it seems unlikely to actually be exploitable due to how consoles are treated (runc tries to do several pseudo-terminal-specific ioctls and will error out if they fail -- which happens for most other file types). In principle you could imagine a DoS attack using a disconnected NFS handle but it seems impractical to exploit. However, runc felt it prudent to include a solution (and this also provides a safe mechanism to get the source mount for the /dev/console bind-mount issue at the beginning of this advisory).
Patches
This advisory is being published as part of a set of three advisories:
- CVE-2025-31133
- CVE-2025-52881
- CVE-2025-52565
The patches fixing this issue have accordingly been combined into a single patchset. The following patches from that patchset resolve the issues in this advisory:
- db19bbed5348 ("internal/sys: add VerifyInode helper")
- ff94f9991bd3 ("*: switch to safer securejoin.Reopen")
- 531ef794e4ec ("console: use TIOCGPTPEER when allocating peer PTY")
- 398955bccb7f ("console: add fallback for pre-TIOCGPTPEER kernels")
- 9be1dbf4ac67 ("console: avoid trivial symlink attacks for /dev/console")
- de87203e625c ("console: verify /dev/pts/ptmx before use")
- 01de9d65dc72 ("rootfs: avoid using os.Create for new device inodes")
- aee7d3fe355d ("ci: add lint to forbid the usage of os.Create")
runc 1.2.8, 1.3.3, and 1.4.0-rc.3 have been released and all contain fixes for these issues. As per runc's new release model, runc 1.1.x and earlier are no longer supported and thus have not been patched.
Mitigations
- Use containers with user namespaces (with the host root user not mapped into the container's user namespace). This will block most of the most serious aspects of these attacks, as the `procfs` files used for the container breakout use Unix DAC permissions and user namespaced users will not have access to the relevant files.
An attacker would still be able to bind-mount host paths into the container but if the host uids and gids mapped into the container do not overlap with ordinary users on the host (which is the generally recommended configuration) then the attacker would likely not be able to read or write to most sensitive host files (depending on the Unix DAC permissions of the host files). Note that this is still technically more privilege than an unprivileged user on the host -- because the bind-mount is done by a privileged process, the attacker would be able to get access to directories whose parents may have denied search access (i.e., they may be able to access paths inside a chmod 700 directory that would normally block them from resolving subpaths).
Runc would also like to take this opportunity to re-iterate that runc strongly recommends all users use user namespaced containers. They have proven to be one of the best security hardening mechanisms against container breakouts, and the kernel applies additional restrictions to user namespaced containers above and beyond the user remapping functionality provided. With the advent of id-mapped mounts (Linux 5.12), there is very little reason to not use user namespaces for most applications. Note that using user namespaces to configure your container does not mean you have to enable unprivileged user namespace creation inside the container -- most container runtimes apply a seccomp-bpf profile which blocks unshare(CLONE_NEWUSER) inside containers regardless of whether the container itself uses user namespaces.
Rootless containers can provide even more protection if your configuration can use them -- by having runc itself be an unprivileged process, in general you would expect the impact scope of a runc bug to be less severe as it would only have the privileges afforded to the host user which spawned runc.
- For non-user namespaced containers, configure all containers you spawn to not permit processes to run with root privileges. In most cases this would require configuring the container to use a non-root user and enabling `noNewPrivileges` to disable any setuid or set-capability binaries. (Note that this is runc's general recommendation for a secure container setup -- it is very difficult, if not impossible, to run an untrusted program with root privileges safely.) If you need to use `ping` in your containers, there is a `net.ipv4.ping_group_range` sysctl that can be used to allow unprivileged users to ping without requiring setuid or set-capability binaries.
- Do not run untrusted container images from unknown or unverified sources.
- The default `containers-selinux` SELinux policy mitigates this issue, as (unlike CVE-2025-31133) the `/dev/console` bind-mount does not get relabeled and so the container process cannot write to the bind-mounted procfs file by default.
Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not that helpful when considered in combination with CVE-2025-52881.
- The default AppArmor policy used by Docker and Podman does not mitigate this issue (as access to `/dev/console` is usually permitted). Users could create a custom profile that blocks access to `/dev/console`, but such a profile might break regular containers.
Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so the mitigation provided with a custom profile is not that helpful when considered in combination with CVE-2025-52881.
Other Runtimes
As this vulnerability boils down to a fairly easy-to-make logic bug, runc has provided information to other OCI (crun, youki) and non-OCI (LXC) container runtimes about this vulnerability.
Based on discussions with other runtimes, it seems that crun and youki may have similar security issues and will release a co-ordinated security release along with runc. LXC appears to also be vulnerable in some aspects, but their security stance is (understandably) that non-user-namespaced containers are fundamentally insecure by design.
Credits
Thanks to Lei Wang (@ssst0n3 from Huawei) and Li Fubang (@lifubang from acmcoder.com, CIIC) for discovering and reporting the main /dev/console bind-mount vulnerability, as well as Aleksa Sarai (@cyphar from SUSE) for discovering Issues 1 and 2 and the original research into these classes of issues several years ago.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.2.7"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0-rc3"
},
{
"fixed": "1.2.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.3.2"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "1.3.0-rc.1"
},
{
"fixed": "1.3.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.4.0-rc.2"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "1.4.0-rc.1"
},
{
"fixed": "1.4.0-rc.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-52565"
],
"database_specific": {
"cwe_ids": [
"CWE-363",
"CWE-61"
],
"github_reviewed": true,
"github_reviewed_at": "2025-11-05T17:34:49Z",
"nvd_published_at": "2025-11-06T20:15:49Z",
"severity": "HIGH"
},
"details": "### Impact ###\nThis attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). \n\nIn runc version 1.0.0-rc3 and later, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). \n\nThe reason that the attacker can gain write access to these files is because the `/dev/console` bind-mount happens before `maskedPaths` and `readonlyPaths` are applied.\n\n#### Additional Findings ####\nWhile investigating this issue, runc discovered some other theoretical issues that may or may not be exploitable, as well as taking the opportunity to fix some fairly well-known issues related to consoles.\n\n##### Issue 1: Problematic Usage of `os.Create` #####\nGo provides an `os.Create` function for creating files, which older code in runc (dating back to the original `libcontainer` from the early 2010s) had a tendency to use fairly liberally. `os.Create` implies `O_CREAT|O_TRUNC` but by design it does not apply `O_NOFOLLOW` nor `O_EXCL`, meaning if the target is swapped with a malicious symlink runc can be tricked into truncating host files (which can lead to denial of service attacks, among other concerns). 
\n\nRunc conducted an audit of all `os.Create` usages in runc and found some suspicious usages related to device inodes, but based on runc\u0027s testing these were not exploitable in practice. Runc now has custom code lints to block any `os.Create` usage in runc, and plan to do a further audit of any other plain `os.*` operation usage throughout runc after this advisory becomes public. \n\nCVE-2024-45310 was a similar attack but without the `O_TRUNC` component (which resulted in a \"Low\" severity) -- a similar attack being exploitable would\u0027ve been much more severe.\n\n##### Issue 2: Malicious `/dev/pts/$n` Inode Attacks (`TIOCGPTPEER`) #####\nThe (very) classic API for constructing consoles involves first opening `/dev/ptmx` for reading and writing. This allocates a new pseudo-terminal and the returned file descriptor is the \"master\" end (which is used by higher-level runtimes to do I/O with the container). \n\nTraditionally, in order to get the \"slave\" end, you do `ioctl(ptm, TIOCGPTN)` to get the pseudo-terminal number and then open the file in `/dev/pts/` with the corresponding base-10 decimal number of the number returned by `TIOCGPTN`. The naive way of doing this is vulnerable to very basic race attacks where `/dev/pts/$n` is replaced with a different pseudo-terminal or other malicious file. \n\nIn order to provide a mechanism to mitigate this risk, Aleksa Sarai (@cyphar from SUSE) implemented `TIOCGPTPEER` back in 2017 to provide a race-free way of doing the last `TIOCGPTN` step by opening the peer end of the pseudo-terminal directly. However, at the time it was believed to be too impractical to implement this protection in runc due to its no-monitor-process architecture (unlike runtimes like LXC which made use of `TIOCGPTPEER` almost immediately). 
While working on this advisory, runc found a way to make `TIOCGPTN` usage on pre-4.13 kernels still safe against race attacks and so have implemented both `TIOCGPTPEER` support as well as safe `TIOCGPTN` support as a fallback. \n\nAnother possible target of attack would be replacing `/dev/ptmx` or `/dev/pts/ptmx` with a different inode and tricking runc into trying to operate on it. This is very similar to the core issue in CVE-2025-31133 and had a similar solution. \n\nRunc\u0027s analysis was that while this attack appears to be potentially problematic in theory, it seems unlikely to actually be exploitable due to how consoles are treated (runc tries to do several pseudo-terminal-specific `ioctl`s and will error out if they fail -- which happens for most other file types). In principle you could imagine a DoS attack using a disconnected NFS handle but it seems impractical to exploit. However, runc felt it prudent to include a solution (and this also provides a safe mechanism to get the source mount for the `/dev/console` bind-mount issue at the beginning of this advisory).\n\n### Patches ###\nThis advisory is being published as part of a set of three advisories:\n\n * CVE-2025-31133\n * CVE-2025-52881\n * CVE-2025-52565\n\nThe patches fixing this issue have accordingly been combined into a single patchset. 
The following patches from that patchset resolve the issues in this advisory:\n\n * db19bbed5348 (\"internal/sys: add VerifyInode helper\")\n * ff94f9991bd3 (\"*: switch to safer securejoin.Reopen\")\n * 531ef794e4ec (\"console: use TIOCGPTPEER when allocating peer PTY\")\n * 398955bccb7f (\"console: add fallback for pre-TIOCGPTPEER kernels\")\n * 9be1dbf4ac67 (\"console: avoid trivial symlink attacks for /dev/console\")\n * de87203e625c (\"console: verify /dev/pts/ptmx before use\")\n * 01de9d65dc72 (\"rootfs: avoid using os.Create for new device inodes\")\n * aee7d3fe355d (\"ci: add lint to forbid the usage of os.Create\")\n\nrunc 1.2.8, 1.3.3, and 1.4.0-rc.3 have been released and all contain fixes for these issues. As per [runc\u0027s new release model](https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md), runc 1.1.x and earlier are no longer supported and thus have not been patched.\n\n[CVE-2025-31133]: https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\n[CVE-2025-52565]: https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r\n[CVE-2025-52881]: https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm\n[RELEASES.md]: https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md\n\n### Mitigations ###\n* Use containers with user namespaces (with the host root user not mapped into the container\u0027s user namespace). This will block most of the most serious aspects of these attacks, as the `procfs` files used for the container breakout use Unix DAC permissions and user namespaced users will not have access to the relevant files. 
\n\nAn attacker would still be able to bind-mount host paths into the container but if the host uids and gids mapped into the container do not overlap with ordinary users on the host (which is the generally recommended configuration) then the attacker would likely not be able to read or write to most sensitive host files (depending on the Unix DAC permissions of the host files). Note that this is still technically more privilege than an unprivileged user on the host -- because the bind-mount is done by a privileged process, the attacker would be able to get access to directories whose parents may have denied search access (i.e., they may be able to access paths inside a `chmod 700` directory that would normally block them from resolving subpaths). \n\nRunc would also like to take this opportunity to re-iterate that runc **strongly** recommend all users use user namespaced containers. They have proven to be one of the best security hardening mechanisms against container breakouts, and the kernel applies additional restrictions to user namespaced containers above and beyond the user remapping functionality provided. With the advent of id-mapped mounts (Linux 5.12), there is very little reason to not use user namespaces for most applications. Note that using user namespaces to configure your container does not mean you have to enable unprivileged user namespace creation *inside* the container -- most container runtimes apply a seccomp-bpf profile which blocks `unshare(CLONE_NEWUSER)` inside containers regardless of whether the container itself uses user namespaces. \n\nRootless containers can provide even more protection if your configuration can use them -- by having runc itself be an unprivileged process, in general you would expect the impact scope of a runc bug to be less severe as it would only have the privileges afforded to the host user which spawned runc. 
\n\n * For non-user namespaced containers, configure all containers you spawn to not permit processes to run with root privileges. In most cases this would require configuring the container to use a non-root user and enabling `noNewPrivileges` to disable any setuid or set-capability binaries. (Note that this is runc\u0027s general recommendation for a secure container setup -- it is very difficult, if not impossible, to run an untrusted program with root privileges safely.) If you need to use `ping` in your containers, there is a `net.ipv4.ping_group_range` sysctl that can be used to allow unprivileged users to ping without requiring setuid or set-capability binaries. \n * Do not run untrusted container images from unknown or unverified sources.\n * The default `containers-selinux` SELinux policy mitigates this issue, as (unlike CVE-2025-31133) the `/dev/console` bind-mount does not get relabeled and so the container process cannot write to the bind-mounted procfs file by default.\n\n Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not that helpful when considered in combination with CVE-2025-52881.\n\n * The default AppArmor policy used by Docker and Podman does not mitigate this issue (as access to `/dev/console`) is usually permitted. 
Users could create a custom profile that blocks access to `/dev/console`, but such a profile might break regular containers.\n\n Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so the mitigation provided with a custom profile is not that helpful when considered in combination with CVE-2025-52881.\n\n[CVE-2025-31133]: https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\n[CVE-2025-52881]: https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm\n\n### Other Runtimes ###\nAs this vulnerability boils down to a fairly easy-to-make logic bug,runc has provided information to other OCI (crun, youki) and non-OCI (LXC) container runtimes about this vulnerability.\n\nBased on discussions with other runtimes, it seems that crun and youki may have similar security issues and will release a co-ordinated security release along with runc. LXC appears to also be vulnerable in some aspects, but [their security stance][lxc-security] is (understandably) that non-user-namespaced containers are fundamentally insecure by design.\n\n[lxc-security]: https://linuxcontainers.org/lxc/security/\n\n### Credits ###\n\nThanks to Lei Wang (@ssst0n3 from Huawei) and Li Fubang (@lifubang from acmcoder.com, CIIC) for discovering and reporting the main `/dev/console` bind-mount vulnerability, as well as Aleksa Sarai (@cyphar from SUSE) for discovering Issues 1 and 2 and the original research into these classes of issues several years ago.",
"id": "GHSA-qw9x-cqr3-wc7r",
"modified": "2025-11-06T23:12:51Z",
"published": "2025-11-05T17:34:49Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"
},
{
"type": "PACKAGE",
"url": "https://github.com/opencontainers/runc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "runc container escape with malicious config due to /dev/console mount and related races"
}
suse-su-2025:3951-1
Vulnerability from csaf_suse
Notes
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for runc fixes the following issues:\n\n- CVE-2025-31133: Fixed container escape via \u0027masked path\u0027 abuse due to mount race conditions (bsc#1252232).\n- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).\n- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).\n\nUpdate to runc v1.2.7. \n\n- Upstream changelog is available from \u003chttps://github.com/opencontainers/runc/releases/tag/v1.2.7\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3951-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3951-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253951-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3951-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023151.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252232",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "Security update for runc",
"tracking": {
"current_release_date": "2025-11-05T10:23:31Z",
"generator": {
"date": "2025-11-05T10:23:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3951-1",
"initial_release_date": "2025-11-05T10:23:31Z",
"revision_history": [
{
"date": "2025-11-05T10:23:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.aarch64",
"product": {
"name": "runc-1.2.7-16.67.1.aarch64",
"product_id": "runc-1.2.7-16.67.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.i586",
"product": {
"name": "runc-1.2.7-16.67.1.i586",
"product_id": "runc-1.2.7-16.67.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.ppc64le",
"product": {
"name": "runc-1.2.7-16.67.1.ppc64le",
"product_id": "runc-1.2.7-16.67.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.s390x",
"product": {
"name": "runc-1.2.7-16.67.1.s390x",
"product_id": "runc-1.2.7-16.67.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.x86_64",
"product": {
"name": "runc-1.2.7-16.67.1.x86_64",
"product_id": "runc-1.2.7-16.67.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64"
},
"product_reference": "runc-1.2.7-16.67.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le"
},
"product_reference": "runc-1.2.7-16.67.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x"
},
"product_reference": "runc-1.2.7-16.67.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64"
},
"product_reference": "runc-1.2.7-16.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
},
"product_reference": "runc-1.2.7-16.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
suse-su-2025:3950-1
Vulnerability from csaf_suse
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for runc fixes the following issues:\n\n- CVE-2025-31133: Fixed container escape via \u0027masked path\u0027 abuse due to mount race conditions (bsc#1252232).\n- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).\n- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).\n\nUpdate to runc v1.2.7. \n\n- Upstream changelog is available from \u003chttps://github.com/opencontainers/runc/releases/tag/v1.2.7\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3950,SUSE-SLE-Micro-5.3-2025-3950,SUSE-SLE-Micro-5.4-2025-3950,SUSE-SLE-Micro-5.5-2025-3950,SUSE-SLE-Module-Basesystem-15-SP7-2025-3950,SUSE-SLE-Module-Containers-15-SP6-2025-3950,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3950,SUSE-SUSE-MicroOS-5.2-2025-3950,SUSE-Storage-7.1-2025-3950,openSUSE-SLE-15.6-2025-3950",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3950-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3950-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253950-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3950-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023152.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252232",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "Security update for runc",
"tracking": {
"current_release_date": "2025-11-05T10:22:48Z",
"generator": {
"date": "2025-11-05T10:22:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3950-1",
"initial_release_date": "2025-11-05T10:22:48Z",
"revision_history": [
{
"date": "2025-11-05T10:22:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.aarch64",
"product": {
"name": "runc-1.2.7-150000.80.1.aarch64",
"product_id": "runc-1.2.7-150000.80.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.i586",
"product": {
"name": "runc-1.2.7-150000.80.1.i586",
"product_id": "runc-1.2.7-150000.80.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.ppc64le",
"product": {
"name": "runc-1.2.7-150000.80.1.ppc64le",
"product_id": "runc-1.2.7-150000.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.s390x",
"product": {
"name": "runc-1.2.7-150000.80.1.s390x",
"product_id": "runc-1.2.7-150000.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.x86_64",
"product": {
"name": "runc-1.2.7-150000.80.1.x86_64",
"product_id": "runc-1.2.7-150000.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.