MGASA-2025-0271
- Source
- https://advisories.mageia.org/MGASA-2025-0271.html
- Import Source
- https://advisories.mageia.org/MGASA-2025-0271.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2025-0271
- Related
- Published
- 2025-11-09T07:52:10Z
- Modified
- 2025-11-09T07:10:19Z
- Summary
- Updated opencontainers-runc packages fix security vulnerabilities
- Details
-
The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt (CVE-2025-31133) and a flaw in /dev/console bind-mounts can lead to container escape (CVE-2025-52565). Also, arbitrary write gadgets and procfs write redirects could be used to engineer container escape and denial of service (CVE-2025-52881).
- References
-
- https://advisories.mageia.org/MGASA-2025-0271.html
- https://bugs.mageia.org/show_bug.cgi?id=34719
- https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
- https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm
- https://www.openwall.com/lists/oss-security/2025/11/05/3
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / opencontainers-runc
Package
- Name
- opencontainers-runc
- Purl
- pkg:rpm/mageia/opencontainers-runc?arch=source&distro=mageia-9