Improper File Access

runc is vulnerable to improper file access. The vulnerability is due to insufficient validation of write targets in /proc during concurrent container execution with shared mounts, which allows an attacker to exploit race conditions and redirect writes to unintended procfs files...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : runc (SUSE-SU-2025:4073-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4073-1 advisory. Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133...

Photon OS 5.0: Runc PHSA-2025-5.0-0676

An update of the runc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0676. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 8 : container-tools:rhel8 (RHSA-2025:21232)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21232 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc:...

Fedora 42 : runc (2025-ef192f5d10)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ef192f5d10 advisory. Update to release v1.3.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mount and...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:4081-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4081-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 -...

SUSE SLES15 Security Update : buildah (SUSE-SU-2025:4075-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4075-1 advisory. - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096 Other fixes: -...

SUSE SLES15 Security Update : buildah (SUSE-SU-2025:4074-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4074-1 advisory. - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096 Other fixes: -...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:4079-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4079-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed...

ALSA-2025:21232 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mount and...

openSUSE Security Advisory (SUSE-SU-2025:4076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:4076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : runc (SUSE-SU-2025:4077-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4077-1 advisory. Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:4080-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4080-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed...

SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2025:4076-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4076-1 advisory. - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096...

Security update for podman

This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...

SUSE-SU-2025:4081-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 - CVE-2025-52881: Fixed...

Security update for podman

This update for podman fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 CVE-2025-52881: Fixed...

SUSE-SU-2025:4080-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252376 - CVE-2025-52881: Fixed...