CNNVD-202510-3204 Information

CNNVD ID

CNNVD-202510-3204

Related CVE

CVE-2025-57848

• CNNVD Published: 2025-10-23

Description (Chinese)

Red Hat OpenShift Virtualization 4是美国红帽（Red Hat）公司的一个虚拟机管理组件。 Red Hat OpenShift Virtualization 4存在安全漏洞，该漏洞源于Container-native Virtualization组件中/etc/passwd文件在构建时被设置为组可写权限，可能导致权限提升。

Description (English)

Red Hat OpenShift Virtualization 4 is a virtual machine management component of Red Hat. There is a security loophole in Red Hat OpenShift Virtualization 4, which originates from the /etc/passwd file in the Container-native Virtualization component, which was set to group write permissions at the time of construction, which could lead to an increase in permissions.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

红帽

Published

2025-10-23

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-57848 https://bugzilla.redhat.com/show_bug.cgi?id=2391099 https://access.redhat.com/security/cve/cve-2025-57848