CNNVD-202511-488 Information

Nov 06, 2025 cve

CNNVD ID

CNNVD-202511-488

CVE-2025-52881

  • CNNVD Published: 2025-11-06

Description (Chinese)

runc是Open Container Initiative开源的一款用于根据OCI规范生成和运行容器的CLI(命令行界面)工具。 runc 1.2.7版本、1.3.2版本和1.4.0-rc.2版本存在安全漏洞,该漏洞源于攻击者可通过共享挂载的竞争容器误导写入操作,可能导致任意文件写入。

Description (English)

Runc is a CLI (command line interface) tool for the generation and operation of containers in accordance with OCI specifications. Runc Version 1.2.7, Version 1.3.2 and Version 1.4.0-rc.2 have a security loophole, which stems from the fact that the aggressor can misinform the operation by sharing a mounted competitive container, which may lead to any document being written.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Open Container Initiative

Published

2025-11-06

Last Modified

2026-02-24

References

https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2 http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322 https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544 https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165 https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2 https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64 https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3 https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480 https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51 https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58 https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28 https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557 https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1 https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-52881 https://vigilance.fr/vulnerability/runc-privilege-escalation-via-Procfs-Write-Redirects-48666

Patch

https://github.com/opencontainers/runc/releases

Share on: