Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-31133 (GCVE-0-2025-31133)
Vulnerability from cvelistv5
Published
2025-11-06 18:47
Modified
2025-11-06 19:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| opencontainers | runc |
Version: < 1.2.8 Version: >= 1.3.0-rc.1, < 1.3.3 Version: >= 1.4.0-rc.1, <= 1.4.0-rc.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T19:03:45.356326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T19:22:22.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "runc",
"vendor": "opencontainers",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.8"
},
{
"status": "affected",
"version": "\u003e= 1.3.0-rc.1, \u003c 1.3.3"
},
{
"status": "affected",
"version": "\u003e= 1.4.0-rc.1, \u003c= 1.4.0-rc.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s /dev/null) was actually a real /dev/null inode when using the container\u0027s /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-363",
"description": "CWE-363: Race Condition Enabling Link Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T18:47:47.335Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"
},
{
"name": "https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522"
},
{
"name": "https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66"
},
{
"name": "https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f"
},
{
"name": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
}
],
"source": {
"advisory": "GHSA-9493-h29p-rfm2",
"discovery": "UNKNOWN"
},
"title": "runc container escape via \"masked path\" abuse due to mount race conditions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-31133",
"datePublished": "2025-11-06T18:47:47.335Z",
"dateReserved": "2025-03-26T15:04:52.627Z",
"dateUpdated": "2025-11-06T19:22:22.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-31133\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-11-06T19:15:41.343\",\"lastModified\":\"2025-11-06T19:45:09.883\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s /dev/null) was actually a real /dev/null inode when using the container\u0027s /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-61\"},{\"lang\":\"en\",\"value\":\"CWE-363\"}]}],\"references\":[{\"url\":\"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-31133\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-06T19:03:45.356326Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-06T19:08:17.594Z\"}}], \"cna\": {\"title\": \"runc container escape via \\\"masked path\\\" abuse due to mount race conditions\", \"source\": {\"advisory\": \"GHSA-9493-h29p-rfm2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"opencontainers\", \"product\": \"runc\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.2.8\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.3.0-rc.1, \u003c 1.3.3\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.4.0-rc.1, \u003c= 1.4.0-rc.3\"}]}], \"references\": [{\"url\": \"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\", \"name\": \"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522\", \"name\": \"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66\", \"name\": \"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f\", \"name\": \"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\", \"name\": \"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s /dev/null) was actually a real /dev/null inode when using the container\u0027s /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-61\", \"description\": \"CWE-61: UNIX Symbolic Link (Symlink) Following\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-363\", \"description\": \"CWE-363: Race Condition Enabling Link Following\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-11-06T18:47:47.335Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-31133\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T19:22:22.047Z\", \"dateReserved\": \"2025-03-26T15:04:52.627Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-11-06T18:47:47.335Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
fkie_cve-2025-31133
Vulnerability from fkie_nvd
Published
2025-11-06 19:15
Modified
2025-11-06 19:45
Severity ?
Summary
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64 | ||
| security-advisories@github.com | https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2 |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s /dev/null) was actually a real /dev/null inode when using the container\u0027s /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3."
}
],
"id": "CVE-2025-31133",
"lastModified": "2025-11-06T19:45:09.883",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-11-06T19:15:41.343",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-61"
},
{
"lang": "en",
"value": "CWE-363"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
opensuse-su-2025:15705-1
Vulnerability from csaf_opensuse
Published
2025-11-05 00:00
Modified
2025-11-05 00:00
Summary
runc-1.3.3-1.1 on GA media
Notes
Title of the patch
runc-1.3.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the runc-1.3.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15705
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "runc-1.3.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the runc-1.3.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15705",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15705-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "runc-1.3.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-05T00:00:00Z",
"generator": {
"date": "2025-11-05T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15705-1",
"initial_release_date": "2025-11-05T00:00:00Z",
"revision_history": [
{
"date": "2025-11-05T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.aarch64",
"product": {
"name": "runc-1.3.3-1.1.aarch64",
"product_id": "runc-1.3.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.ppc64le",
"product": {
"name": "runc-1.3.3-1.1.ppc64le",
"product_id": "runc-1.3.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.s390x",
"product": {
"name": "runc-1.3.3-1.1.s390x",
"product_id": "runc-1.3.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.3.3-1.1.x86_64",
"product": {
"name": "runc-1.3.3-1.1.x86_64",
"product_id": "runc-1.3.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64"
},
"product_reference": "runc-1.3.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le"
},
"product_reference": "runc-1.3.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.s390x"
},
"product_reference": "runc-1.3.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.3.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
},
"product_reference": "runc-1.3.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:runc-1.3.3-1.1.aarch64",
"openSUSE Tumbleweed:runc-1.3.3-1.1.ppc64le",
"openSUSE Tumbleweed:runc-1.3.3-1.1.s390x",
"openSUSE Tumbleweed:runc-1.3.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
suse-su-2025:3951-1
Vulnerability from csaf_suse
Published
2025-11-05 10:23
Modified
2025-11-05 10:23
Summary
Security update for runc
Notes
Title of the patch
Security update for runc
Description of the patch
This update for runc fixes the following issues:
- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232).
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).
Update to runc v1.2.7.
- Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.2.7>
Patchnames
SUSE-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3951
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for runc fixes the following issues:\n\n- CVE-2025-31133: Fixed container escape via \u0027masked path\u0027 abuse due to mount race conditions (bsc#1252232).\n- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).\n- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).\n\nUpdate to runc v1.2.7. \n\n- Upstream changelog is available from \u003chttps://github.com/opencontainers/runc/releases/tag/v1.2.7\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3951,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3951-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3951-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253951-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3951-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023151.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252232",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "Security update for runc",
"tracking": {
"current_release_date": "2025-11-05T10:23:31Z",
"generator": {
"date": "2025-11-05T10:23:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3951-1",
"initial_release_date": "2025-11-05T10:23:31Z",
"revision_history": [
{
"date": "2025-11-05T10:23:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.aarch64",
"product": {
"name": "runc-1.2.7-16.67.1.aarch64",
"product_id": "runc-1.2.7-16.67.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.i586",
"product": {
"name": "runc-1.2.7-16.67.1.i586",
"product_id": "runc-1.2.7-16.67.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.ppc64le",
"product": {
"name": "runc-1.2.7-16.67.1.ppc64le",
"product_id": "runc-1.2.7-16.67.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.s390x",
"product": {
"name": "runc-1.2.7-16.67.1.s390x",
"product_id": "runc-1.2.7-16.67.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-16.67.1.x86_64",
"product": {
"name": "runc-1.2.7-16.67.1.x86_64",
"product_id": "runc-1.2.7-16.67.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64"
},
"product_reference": "runc-1.2.7-16.67.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le"
},
"product_reference": "runc-1.2.7-16.67.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x"
},
"product_reference": "runc-1.2.7-16.67.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64"
},
"product_reference": "runc-1.2.7-16.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-16.67.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
},
"product_reference": "runc-1.2.7-16.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:runc-1.2.7-16.67.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:runc-1.2.7-16.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:23:31Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
suse-su-2025:3950-1
Vulnerability from csaf_suse
Published
2025-11-05 10:22
Modified
2025-11-05 10:22
Summary
Security update for runc
Notes
Title of the patch
Security update for runc
Description of the patch
This update for runc fixes the following issues:
- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232).
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).
Update to runc v1.2.7.
- Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.2.7>
Patchnames
SUSE-2025-3950,SUSE-SLE-Micro-5.3-2025-3950,SUSE-SLE-Micro-5.4-2025-3950,SUSE-SLE-Micro-5.5-2025-3950,SUSE-SLE-Module-Basesystem-15-SP7-2025-3950,SUSE-SLE-Module-Containers-15-SP6-2025-3950,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3950,SUSE-SUSE-MicroOS-5.2-2025-3950,SUSE-Storage-7.1-2025-3950,openSUSE-SLE-15.6-2025-3950
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for runc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for runc fixes the following issues:\n\n- CVE-2025-31133: Fixed container escape via \u0027masked path\u0027 abuse due to mount race conditions (bsc#1252232).\n- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).\n- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).\n\nUpdate to runc v1.2.7. \n\n- Upstream changelog is available from \u003chttps://github.com/opencontainers/runc/releases/tag/v1.2.7\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3950,SUSE-SLE-Micro-5.3-2025-3950,SUSE-SLE-Micro-5.4-2025-3950,SUSE-SLE-Micro-5.5-2025-3950,SUSE-SLE-Module-Basesystem-15-SP7-2025-3950,SUSE-SLE-Module-Containers-15-SP6-2025-3950,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3950,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3950,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3950,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3950,SUSE-SUSE-MicroOS-5.2-2025-3950,SUSE-Storage-7.1-2025-3950,openSUSE-SLE-15.6-2025-3950",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3950-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3950-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253950-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3950-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023152.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252232",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "Security update for runc",
"tracking": {
"current_release_date": "2025-11-05T10:22:48Z",
"generator": {
"date": "2025-11-05T10:22:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3950-1",
"initial_release_date": "2025-11-05T10:22:48Z",
"revision_history": [
{
"date": "2025-11-05T10:22:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.aarch64",
"product": {
"name": "runc-1.2.7-150000.80.1.aarch64",
"product_id": "runc-1.2.7-150000.80.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.i586",
"product": {
"name": "runc-1.2.7-150000.80.1.i586",
"product_id": "runc-1.2.7-150000.80.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.ppc64le",
"product": {
"name": "runc-1.2.7-150000.80.1.ppc64le",
"product_id": "runc-1.2.7-150000.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.s390x",
"product": {
"name": "runc-1.2.7-150000.80.1.s390x",
"product_id": "runc-1.2.7-150000.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "runc-1.2.7-150000.80.1.x86_64",
"product": {
"name": "runc-1.2.7-150000.80.1.x86_64",
"product_id": "runc-1.2.7-150000.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64"
},
"product_reference": "runc-1.2.7-150000.80.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le"
},
"product_reference": "runc-1.2.7-150000.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x"
},
"product_reference": "runc-1.2.7-150000.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-1.2.7-150000.80.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
},
"product_reference": "runc-1.2.7-150000.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.aarch64",
"SUSE Enterprise Storage 7.1:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.2:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Micro 5.5:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:runc-1.2.7-150000.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:runc-1.2.7-150000.80.1.x86_64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.aarch64",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.ppc64le",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.s390x",
"openSUSE Leap 15.6:runc-1.2.7-150000.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-05T10:22:48Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
ghsa-9493-h29p-rfm2
Vulnerability from github
Published
2025-11-05 16:37
Modified
2025-11-06 23:12
Severity ?
VLAI Severity ?
Summary
runc container escape via "masked path" abuse due to mount race conditions
Details
Impact ###
The OCI runtime specification has a maskedPaths feature that allows for files or directories to be "masked" by placing a mount on top of them to conceal their contents. This is primarily intended to protect against privileged users in non-user-namespaced from being able to write to files or access directories that would either provide sensitive information about the host to containers or allow containers to perform destructive or other privileged operations on the host (examples include /proc/kcore, /proc/timer_list, /proc/acpi, and /proc/keys).
maskedPaths can be used to either mask a directory or a file -- directories are masked using a new read-only tmpfs instance that is mounted on top of the masked path, while files are masked by bind-mounting the container's /dev/null on top of the masked path.
In all known versions of runc, when using the container's /dev/null to mask files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode. While /dev/null is usually created by runc when doing container creation, it is possible for an attacker to create a /dev/null or modify the /dev/null inode created by runc through race conditions with other containers sharing mounts (runc has also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured).
This could lead to two separate issues:
Attack 1: Arbitrary Mount Gadget (leading to Host Information Disclosure, Host Denial of Service, or Container Escape) ####
By replacing /dev/null with a symlink to an attacker-controlled path, an attacker could cause runc to bind-mount an arbitrary source path to a path inside the container. This could lead to:
Host Denial of Service: By bind-mounting files such as /proc/sysrq-trigger, the attacker can gain access to a read-write version of files which can be destructive to write to (/proc/sysrq-trigger would allow an attacker to trigger a kernel panic, shutting down the machine, or causing the machine to freeze without rebooting).
Container Escape: By bind-mounting /proc/sys/kernel/core_pattern, the attacker can reconfigure a coredump helper -- as kernel upcalls are not namespaced, the configured binary (which could be a container binary or a host binary with a malicious command-line) will run with full privileges on the host system. Thus, the attacker can simply trigger a coredump and gain complete root privileges over the host.
Note that while config.json allows users to bind-mount arbitrary paths (and thus an attacker that can modify config.json arbitrarily could gain the same access as this exploit), because maskedPaths is applied by almost all higher-level container runtimes (and thus provides a guaranteed mount source) this flaw effectively allows any attacker that can spawn containers (with some degree of control over what kinds of containers are being spawned) to achieve the above goals.
Attack 2: Bypassing maskedPaths ####
While investigating Attack 1, runc discovered that the runc validation mechanism when bind-mounting /dev/null for maskedPaths would ignore ENOENT errors -- meaning that if an attacker deleted /dev/null before runc did the bind-mount, runc would silently skip applying maskedPaths for the container. (The original purpose of this ENOENT-ignore behaviour was to permit configurations where maskedPaths references non-existent files, but runc did not consider that the source path could also not exist in this kind of race-attack scenario.)
With maskedPaths rendered inoperative, an attacker would be able to access sensitive host information from files in /proc that would usually be masked (such as /proc/kcore). However, note that /proc/sys and /proc/sysrq-trigger are mounted read-only rather than being masked with files, so this attack variant will not allow the same breakout or host denial of service attacks as in Attack 1.
Patches ###
This advisory is being published as part of a set of three advisories:
* CVE-2025-31133
* CVE-2025-52881
* CVE-2025-52565
The patches fixing this issue have accordingly been combined into a single patchset. The following patches from that patchset resolve the issues in this advisory:
db19bbed5348 ("internal/sys: add VerifyInode helper")
8476df83b534 ("libct: add/use isDevNull, verifyDevNull")
1a30a8f3d921 ("libct: maskPaths: only ignore ENOENT on mount dest")
5d7b24240724 ("libct: maskPaths: don't rely on ENOTDIR for mount")
runc 1.2.8, 1.3.3, and 1.4.0-rc.3 have been released and all contain fixes for these issues. As per runc's new release model, runc 1.1.x and earlier are no longer supported and thus have not been patched. https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md
Mitigations ###
- Use containers with user namespaces (with the host root user not mapped into the container's user namespace). This will block most of the most serious aspects of these attacks, as the
procfsfiles used for the container breakout use Unix DAC permissions and user namespaced users will not have access to the relevant files.
runc would also like to take this opportunity to re-iterate that runc strongly recommend all users use user namespaced containers. They have proven to be one of the best security hardening mechanisms against container breakouts, and the kernel applies additional restrictions to user namespaced containers above and beyond the user remapping functionality provided. With the advent of id-mapped mounts (Linux 5.12), there is very little reason to not use user namespaces for most applications. Note that using user namespaces to configure your container does not mean you have to enable unprivileged user namespace creation inside the container -- most container runtimes apply a seccomp-bpf profile which blocks unshare(CLONE_NEWUSER) inside containers regardless of whether the container itself uses user namespaces.
Rootless containers can provide even more protection if your configuration can use them -- by having runc itself be an unprivileged process, in general you would expect the impact scope of a runc bug to be less severe as it would only have the privileges afforded to the host user which spawned runc.
- For non-user namespaced containers, configure all containers you spawn to not permit processes to run with root privileges. In most cases this would require configuring the container to use a non-root user and enabling
noNewPrivilegesto disable any setuid or set-capability binaries. (Note that this is runc's general recommendation for a secure container setup -- it is very difficult, if not impossible, to run an untrusted program with root privileges safely.) If you need to usepingin your containers, there is anet.ipv4.ping_group_rangesysctl that can be used to allow unprivileged users to ping without requiring setuid or set-capability binaries. - Do not run untrusted container images from unknown or unverified sources.
- Depending on the configuration of
maskedPaths, an AppArmor profile (such as the default one applied by higher level runtimes including Docker and Podman) can block write attempts to most of/procand/sys. This means that even with a procfs file maliciously bind-mounted to amaskedPathstarget, all of the targets ofmaskedPathsin the default configuration of runtimes such as Docker or Podman will still not permit write access to said files. However, if a container is configured with amaskedPathsthat is not protected by AppArmor then the same attack can be carried out. Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not that helpful when considered in combination with CVE-2025-52881. - Based on runc's analysis, SELinux policies have a limited effect when trying to protect against this attack. The reason is that the
/dev/nullbind-mount gets implicitly relabelled withcontext=...set to the container's SELinux context, and thus the container process will have access to the source of the bind-mount even if they otherwise wouldn't.
https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm
Other Runtimes ###
As this vulnerability boils down to a fairly easy-to-make logic bug, runc has provided information to other OCI (crun, youki) and non-OCI (LXC) container runtimes about this vulnerability. Based on discussions with other runtimes, it seems that crun and youki may have similar security issues and will release a coordinated security release along with runc. LXC appears to also be vulnerable in some aspects, but their security stance is (understandably) that non-user-namespaced containers are fundamentally insecure by design.
https://linuxcontainers.org/lxc/security/
Credits ###
Thanks to Lei Wang (@ssst0n3 from Huawei) for finding and reporting the original vulnerability (Attack 1), and Li Fubang (@lifubang from acmcoder.com, CIIC) for discovering another attack vector (Attack 2) based on @ssst0n3's initial findings.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.2.7"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.3.2"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "1.3.0-rc.1"
},
{
"fixed": "1.3.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.4.0-rc.2"
},
"package": {
"ecosystem": "Go",
"name": "github.com/opencontainers/runc"
},
"ranges": [
{
"events": [
{
"introduced": "1.4.0-rc.1"
},
{
"fixed": "1.4.0-rc.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-31133"
],
"database_specific": {
"cwe_ids": [
"CWE-363",
"CWE-61"
],
"github_reviewed": true,
"github_reviewed_at": "2025-11-05T16:37:15Z",
"nvd_published_at": "2025-11-06T19:15:41Z",
"severity": "HIGH"
},
"details": "### Impact ### \nThe OCI runtime specification has a `maskedPaths` feature that allows for files or directories to be \"masked\" by placing a mount on top of them to conceal their contents. This is primarily intended to protect against privileged users in non-user-namespaced from being able to write to files or access directories that would either provide sensitive information about the host to containers or allow containers to perform destructive or other privileged operations on the host (examples include `/proc/kcore`, `/proc/timer_list`, `/proc/acpi`, and `/proc/keys`). \n\n`maskedPaths` can be used to either mask a directory or a file -- directories are masked using a new read-only `tmpfs` instance that is mounted on top of the masked path, while files are masked by bind-mounting the container\u0027s `/dev/null` on top of the masked path. \n\nIn all known versions of runc, when using the container\u0027s `/dev/null` to mask files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s `/dev/null`) was actually a real `/dev/null` inode. While `/dev/null` is usually created by runc when doing container creation, it is possible for an attacker to create a `/dev/null` or modify the `/dev/null` inode created by runc through race conditions with other containers sharing mounts (runc has also verified this attack is possible to exploit using a standard Dockerfile with `docker buildx build` as that also permits triggering parallel execution of containers with custom shared mounts configured). \n\nThis could lead to two separate issues: \n\n#### Attack 1: Arbitrary Mount Gadget (leading to Host Information Disclosure, Host Denial of Service, or Container Escape) #### \nBy replacing `/dev/null` with a symlink to an attacker-controlled path, an attacker could cause runc to bind-mount an arbitrary source path to a path inside the container. This could lead to: \n* **Host Denial of Service**: By bind-mounting files such as `/proc/sysrq-trigger`, the attacker can gain access to a read-write version of files which can be destructive to write to (`/proc/sysrq-trigger` would allow an attacker to trigger a kernel panic, shutting down the machine, or causing the machine to freeze without rebooting). \n* **Container Escape**: By bind-mounting `/proc/sys/kernel/core_pattern`, the attacker can reconfigure a coredump helper -- as kernel upcalls are not namespaced, the configured binary (which could be a container binary or a host binary with a malicious command-line) will run with full privileges on the host system. Thus, the attacker can simply trigger a coredump and gain complete root privileges over the host. \n\nNote that while `config.json` allows users to bind-mount arbitrary paths (and thus an attacker that can modify `config.json` arbitrarily could gain the same access as this exploit), because `maskedPaths` is applied by almost all higher-level container runtimes (and thus provides a guaranteed mount source) this flaw effectively allows any attacker that can spawn containers (with some degree of control over what kinds of containers are being spawned) to achieve the above goals. \n\n#### Attack 2: Bypassing `maskedPaths` #### \nWhile investigating Attack 1, runc discovered that the runc validation mechanism when bind-mounting `/dev/null` for `maskedPaths` would ignore `ENOENT` errors -- meaning that if an attacker deleted `/dev/null` before runc did the bind-mount, runc would silently skip applying `maskedPaths` for the container. (The original purpose of this `ENOENT`-ignore behaviour was to permit configurations where `maskedPaths` references non-existent files, but runc did not consider that the source path could also not exist in this kind of race-attack scenario.) \n\nWith `maskedPaths` rendered inoperative, an attacker would be able to access sensitive host information from files in `/proc` that would usually be masked (such as `/proc/kcore`). However, note that `/proc/sys` and `/proc/sysrq-trigger` are mounted read-only rather than being masked with files, so this attack variant will not allow the same breakout or host denial of service attacks as in Attack 1. \n\n### Patches ### \nThis advisory is being published as part of a set of three advisories: \n* CVE-2025-31133\n* CVE-2025-52881\n* CVE-2025-52565\n\nThe patches fixing this issue have accordingly been combined into a single patchset. The following patches from that patchset resolve the issues in this advisory: \n* db19bbed5348 (\"internal/sys: add VerifyInode helper\") \n* 8476df83b534 (\"libct: add/use isDevNull, verifyDevNull\") \n* 1a30a8f3d921 (\"libct: maskPaths: only ignore ENOENT on mount dest\") \n* 5d7b24240724 (\"libct: maskPaths: don\u0027t rely on ENOTDIR for mount\") \n\nrunc 1.2.8, 1.3.3, and 1.4.0-rc.3 have been released and all contain fixes for these issues. As per [runc\u0027s new release model](https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md), runc 1.1.x and earlier are no longer supported and thus have not been patched. https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md \n\n### Mitigations ### \n- Use containers with user namespaces (with the host root user not mapped into the container\u0027s user namespace). This will block most of the most serious aspects of these attacks, as the `procfs` files used for the container breakout use Unix DAC permissions and user namespaced users will not have access to the relevant files.\n\n runc would also like to take this opportunity to re-iterate that runc **strongly** recommend all users use user namespaced containers. They have proven to be one of the best security hardening mechanisms against container breakouts, and the kernel applies additional restrictions to user namespaced containers above and beyond the user remapping functionality provided. With the advent of id-mapped mounts (Linux 5.12), there is very little reason to not use user namespaces for most applications. Note that using user namespaces to configure your container does not mean you have to enable unprivileged user namespace creation *inside* the container -- most container runtimes apply a seccomp-bpf profile which blocks `unshare(CLONE_NEWUSER)` inside containers regardless of whether the container itself uses user namespaces.\n\n Rootless containers can provide even more protection if your configuration can use them -- by having runc itself be an unprivileged process, in general you would expect the impact scope of a runc bug to be less severe as it would only have the privileges afforded to the host user which spawned runc. \n\n- For non-user namespaced containers, configure all containers you spawn to not permit processes to run with root privileges. In most cases this would require configuring the container to use a non-root user and enabling `noNewPrivileges` to disable any setuid or set-capability binaries. (Note that this is runc\u0027s general recommendation for a secure container setup -- it is very difficult, if not impossible, to run an untrusted program with root privileges safely.) If you need to use `ping` in your containers, there is a `net.ipv4.ping_group_range` sysctl that can be used to allow unprivileged users to ping without requiring setuid or set-capability binaries. \n - Do not run untrusted container images from unknown or unverified sources. \n - Depending on the configuration of `maskedPaths`, an AppArmor profile (such as the default one applied by higher level runtimes including Docker and Podman) can block write attempts to most of `/proc` and `/sys`. This means that even with a procfs file maliciously bind-mounted to a `maskedPaths` target, all of the targets of `maskedPaths` in the default configuration of runtimes such as Docker or Podman will still not permit write access to said files. However, if a container is configured with a `maskedPaths` that is not protected by AppArmor then the same attack can be carried out. Please note that CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not that helpful when considered in combination with CVE-2025-52881. \n - Based on runc\u0027s analysis, SELinux policies have a limited effect when trying to protect against this attack. The reason is that the `/dev/null` bind-mount gets implicitly relabelled with `context=...` set to the container\u0027s SELinux context, and thus the container process will have access to the source of the bind-mount even if they otherwise wouldn\u0027t. \nhttps://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm \n\n### Other Runtimes ### \nAs this vulnerability boils down to a fairly easy-to-make logic bug, runc has provided information to other OCI (crun, youki) and non-OCI (LXC) container runtimes about this vulnerability. Based on discussions with other runtimes, it seems that crun and youki may have similar security issues and will release a coordinated security release along with runc. LXC appears to also be vulnerable in some aspects, but [their security stance](https://linuxcontainers.org/lxc/security/) is (understandably) that non-user-namespaced containers are fundamentally insecure by design. \nhttps://linuxcontainers.org/lxc/security/ \n\n### Credits ### \nThanks to Lei Wang (@ssst0n3 from Huawei) for finding and reporting the original vulnerability (Attack 1), and Li Fubang (@lifubang from acmcoder.com, CIIC) for discovering another attack vector (Attack 2) based on @ssst0n3\u0027s initial findings.",
"id": "GHSA-9493-h29p-rfm2",
"modified": "2025-11-06T23:12:38Z",
"published": "2025-11-05T16:37:15Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f"
},
{
"type": "WEB",
"url": "https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"
},
{
"type": "PACKAGE",
"url": "https://github.com/opencontainers/runc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "runc container escape via \"masked path\" abuse due to mount race conditions"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…