CVE-2025-52565
Public on
Last Modified:
Description
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
Statement
Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.
Mitigation
Potential mitigations for this issue include:
* Using user namespaces, with the host root user not mapped into the container's namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.
* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.
* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.
* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.
Additional Information
- This content is not included.Bugzilla 2404708: runc: container escape with malicious config due to /dev/console mount and related races
- Content from cwe.mitre.org is not included.CWE-59: Improper Link Resolution Before File Access ('Link Following')
- FAQ: Frequently asked questions about CVE-2025-52565
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.
External References
Content from www.cve.org is not included.https://www.cve.org/CVERecord?id=CVE-2025-52565
Content from nvd.nist.gov is not included.https://nvd.nist.gov/vuln/detail/CVE-2025-52565
Affected Packages and Issued Red Hat Security Errata
| Products / Services | Components | State | Errata |
|---|---|---|---|
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-cuda-rhel9 | Fixed | RHSA-2025:23078 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-rocm-rhel9 | Fixed | RHSA-2025:23079 |
| Red Hat AI Inference Server 3.2 | rhaiis/model-opt-cuda-rhel9 | Fixed | RHSA-2025:23080 |
| Red Hat AI Inference Server 3.2 | rhaiis/model-opt-cuda-rhel9 | Fixed | RHSA-2025:23202 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-cuda-rhel9 | Fixed | RHSA-2025:23204 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-rocm-rhel9 | Fixed | RHSA-2025:23205 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-tpu-rhel9 | Fixed | RHSA-2025:23209 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-rocm-rhel9 | Fixed | RHSA-2025:23449 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-cuda-rhel9 | Fixed | RHSA-2026:3461 |
| Red Hat AI Inference Server 3.2 | rhaiis/vllm-rocm-rhel9 | Fixed | RHSA-2026:3462 |
| Red Hat Enterprise Linux 8 | container-tools:rhel8 | Fixed | RHSA-2025:21232 |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | container-tools:rhel8 | Fixed | RHSA-2026:4693 |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | container-tools:rhel8 | Fixed | RHSA-2026:4693 |
| Red Hat Enterprise Linux 9 | runc | Fixed | RHSA-2025:19927 |
| Red Hat Enterprise Linux 9 | runc | Fixed | RHSA-2025:20957 |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | runc | Fixed | RHSA-2026:4531 |
| Red Hat Enterprise Linux 9.4 Extended Update Support | runc | Fixed | RHSA-2026:0425 |
| Red Hat OpenShift Container Platform 4 | openshift-clients | Not affected | |
| Red Hat OpenShift Container Platform 4.12 | runc | Fixed | RHSA-2026:0315 |
| Red Hat OpenShift Container Platform 4.13 | rhcos | Fixed | RHSA-2025:22275 |
| Red Hat OpenShift Container Platform 4.13 | runc | Fixed | RHSA-2026:0676 |
| Red Hat OpenShift Container Platform 4.14 | runc | Fixed | RHSA-2026:0995 |
| Red Hat OpenShift Container Platform 4.15 | rhcos | Fixed | RHSA-2025:23113 |
| Red Hat OpenShift Container Platform 4.15 | runc | Fixed | RHSA-2026:1540 |
| Red Hat OpenShift Container Platform 4.16 | rhcos | Fixed | RHSA-2025:21824 |
| Red Hat OpenShift Container Platform 4.16 | runc | Fixed | RHSA-2026:0418 |
| Red Hat OpenShift Container Platform 4.17 | runc | Fixed | RHSA-2026:0701 |
| Red Hat OpenShift Container Platform 4.18 | rhcos | Fixed | RHSA-2025:21795 |
| Red Hat OpenShift Container Platform 4.18 | runc | Fixed | RHSA-2026:0331 |
Common Vulnerability Scoring System (CVSS) Score Details
Important note
CVSS scores for open source components depend on vendor-specific factors (e.g. version or build chain). Therefore, Red Hat's score and impact rating can be different from NVD and other vendors. Red Hat remains the authoritative CVE Naming Authorities (CNA) source for its products and services (see Red Hat classifications ).
| CVSS v3 Score Breakdown | Red Hat | NVD |
|---|---|---|
| CVSS v3 Base Score | 8.2 | 7.5 |
| Attack Vector | Local | Local |
| Attack Complexity | Low | High |
| Privileges Required | Low | Low |
| User Interaction | Required | Required |
| Scope | Changed | Changed |
| Confidentiality Impact | High | High |
| Integrity Impact | High | High |
| Availability Impact | High | High |
CVSS v3 Vector
Red Hat CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
NVD CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Frequently Asked Questions
Why is Red Hat's CVSS v3 score or Impact different from other vendors?
For more information, see https://access.redhat.com/solutions/762393.
My product is listed as "Under investigation" or "Affected", when will Red Hat release a fix for this vulnerability?
- "Under investigation" doesn't necessarily mean that the product is affected by this vulnerability. It only means that our Analysis Team is still working on determining whether the product is affected and how it is affected.
- "Affected" means that our Analysis Team has determined that this product is affected by this vulnerability and might release a fix to address this in the near future.
What can I do if my product is listed as "Will not fix"?
Available options depend mostly on the Impact of the vulnerability and the current Life Cycle phase of your product. Overall, you have the following options:
- Upgrade to a supported product version that includes a fix for this vulnerability (recommended).
- Apply a mitigation (if one exists).
- Open a This content is not included.support case to request a prioritization of releasing a fix for this vulnerability.
What can I do if my product is listed as "Fix deferred"?
Available options depend mostly on the Impact of the vulnerability and the current Life Cycle phase of your product. Overall, you have the following options:
- Apply a mitigation (if one exists).
- Open a This content is not included.support case to request a prioritization of releasing a fix for this vulnerability.
- Red Hat Engineering focuses on addressing high-priority issues based on their complexity or limited lifecycle support. Therefore, lower-priority issues will not receive immediate fixes.
What is a mitigation?
I have a Red Hat product but it is not in the above list, is it affected?
Why is my security scanner reporting my product as vulnerable to this vulnerability even though my product version is fixed or not affected?
My product is listed as "Out of Support Scope". What does this mean?
Not sure what something means? Check out our Security Glossary.