Amazon Linux 2 : runc, --advisory ALAS2DOCKER-2025-085 (ALASDOCKER-2025-085)

The version of runc installed on the remote host is prior to 1.3.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-085 advisory. Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Par...

RHEL 9 : runc (RHSA-2025:20957)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:20957 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes:...

Amazon Linux 2 : runc, --advisory ALAS2ECS-2025-082 (ALASECS-2025-082)

The version of runc installed on the remote host is prior to 1.3.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-082 advisory. Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Parse...

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2025-077 (ALASNITRO-ENCLAVES-2025-077)

The version of runc installed on the remote host is prior to 1.3.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-077 advisory. Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames...

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

ALSA-2025:20957 Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

SUSE-SU-2025:21038-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed various container breakouts bsc1252376: - Fixed podman & buildah with runc 1.3.2 fail with lots of warnings as rootless bsc1252543...

SUSE-SU-2025:21036-1 Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 - Includes an important fix for the CPUSet translation for...

SUSE-SU-2025:21054-1 Security update for runc

This update for runc fixes the following issues: - Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 - Update to runc v1.3.2. Upstream changelog is available from bsc1252110 - Includes an important fix for the CPUSet translation...

Improper Access Control

github.com/opencontainers/runc is vulnerable to improper access control. The vulnerability is due to insufficient validation when bind-mounting /dev/pts/$n to /dev/console after pivotroot, which allows an attacker to manipulate mount paths and gain writable access to sensitive locations,...

Oracle Linux 9 : runc (ELSA-2025-19927)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-19927 advisory. - fix CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 9 : runc (ALSA-2025:19927)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:19927 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...

Important: runc

Issue Overview: Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to b...

Mageia: Security Advisory (MGASA-2025-0271)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : runc (RHSA-2025:19927)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:19927 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes:...

runc: LSM labels can be bypassed with malicious config using dummy procfs files

...

runc container escape via "masked path" abuse due to mount race conditions

...

MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities

The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...

RHSA-2025:19927 Red Hat Security Advisory: runc security update

Bulletin has no description...

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...