Severity: 7.3 HIGH
EPSS: 0.0% (top 96.72%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline: Published Nov 6; latest update Nov 18
Description
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect…
CVSS vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected Packages: 5 packages
Patches
Vulnerability Details
OSV: Container escape and DDoS due to arbitrary write gadgets and procfs write redirects in github.com/opencontainers/runc (2025-11-18)
OSV: CVE-2025-52881: runc is a CLI tool for spawning and running containers according to the OCI specification (2025-11-06)
GHSA: runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects (2025-11-05)
OSV: runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects (2025-11-05)