CVE-2025-52881 | runc: LSM labels can be bypassed with malicious config using dummy procfs files


runc is a CLI tool for spawning and running containers according to the OCI specification. In versions up to and including 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting its writes to /proc (LSM label writes, which go to procfs files such as those under /proc/self/attr) to other procfs files, by using a racing container that shares mounts with the victim container. The runc maintainers also verified that the attack works from a standard Dockerfile run through docker buildx build, since that too runs containers in parallel with custom shared mounts. The redirect can be a symbolic link in a tmpfs or, in principle, another mechanism such as a regular bind mount. The mitigation applied for the related CVE-2019-19921 was limited: it only made runc verify that the target of an LSM label write is a procfs file, which a symlink or bind mount pointing at a different procfs file still satisfies. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.

Published: 2025-11-06 Last update: 2025-12-03 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2025-52881 is rated Exploit Available (50/100): CVSS High severity with low predicted exploitation likelihood (EPSS 0.01%). Core evidence: one reference carries NVD's Exploit tag (the upstream advisory GHSA-cgrx-mc8f-2prm, listed under References); the row below carries no EDB-ID. Mandatory action: treat the upstream advisory as a working exploit description, assess exposure (any host running runc below 1.2.8, 1.3.0 to 1.3.2, or 1.4.0-rc.1/rc.2 where untrusted users can run containers or builds with custom shared mounts, docker buildx build included), apply mitigations, and prioritize upgrading to 1.2.8, 1.3.3 or 1.4.0-rc.3 or later.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references for CVE-2025-52881

EDB-ID | Source | Kind | Published | Link
(none listed) | nvd_ref | exploit_tag | (not given) | Exploit-DB ↗

The single row is NVD's Exploit tag on the upstream advisory GHSA-cgrx-mc8f-2prm (see References); no Exploit-DB entry with an EDB-ID is indexed.

Exploit prediction scoring system (EPSS) score for CVE-2025-52881

EPSS lead: EPSS estimates, daily, the probability that a CVE will be exploited in the wild within the next 30 days; the percentile ranks this CVE among all scored CVEs by that probability (higher percentile = more likely to be exploited relative to others). It measures likelihood, not severity, and is independent of CVSS.

# | Date | Old EPSS score | New EPSS score | Delta (New - Old)
1 | 2025-11-07 | (first record) | 0.01% | n/a

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2025-52881

CVSS metrics for this CVE.

Base score 7.3, CVSS version 4.0, severity HIGH (exploitability and impact sub-scores are not reported for v4.0).
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack vector (AV:L)
Attacker needs local access on the target system.
Attack complexity (AC:L)
Exploitation conditions are straightforward and stable.
Attack requirements (AT:P)
Exploitation depends on conditions outside the attacker's direct control; here, winning a race against a second container with shared mounts.
Privileges required (PR:L)
Low privileges are required.
User interaction (UI:A)
The user must take specific, conscious actions, such as running an attacker-supplied Dockerfile or image.
Vulnerable system confidentiality impact (VC:H)
High confidentiality impact on the vulnerable system.
Vulnerable system integrity impact (VI:H)
High integrity impact on the vulnerable system.
Vulnerable system availability impact (VA:H)
High availability impact on the vulnerable system.
Subsequent system confidentiality impact (SC:H)
High confidentiality impact on subsequent systems.
Subsequent system integrity impact (SI:H)
High integrity impact on subsequent systems.
Subsequent system availability impact (SA:H)
High availability impact on subsequent systems.
Exploit maturity (threat) (E:X)
Not defined: no reliable threat intelligence; scoring assumes the worst case (equivalent to Attacked).
Confidentiality requirement (CR:X)
Not defined: insufficient information; scoring treats this like High (worst case).
Integrity requirement (IR:X)
Not defined: insufficient information; scoring treats this like High (worst case).
Availability requirement (AR:X)
Not defined: insufficient information; scoring treats this like High (worst case).
Modified attack vector (MAV:X)
Not defined: scoring uses the Base Attack Vector (AV).
Modified attack complexity (MAC:X)
Not defined: scoring uses the Base Attack Complexity (AC).
Modified attack requirements (MAT:X)
Not defined: scoring uses the Base Attack Requirements (AT).
Modified privileges required (MPR:X)
Not defined: scoring uses the Base Privileges Required (PR).
Modified user interaction (MUI:X)
Not defined: scoring uses the Base User Interaction (UI).
Modified vulnerable system confidentiality impact (MVC:X)
Not defined: scoring uses the Base VC metric.
Modified vulnerable system integrity impact (MVI:X)
Not defined: scoring uses the Base VI metric.
Modified vulnerable system availability impact (MVA:X)
Not defined: scoring uses the Base VA metric.
Modified subsequent system confidentiality impact (MSC:X)
Not defined: scoring uses the Base SC metric.
Modified subsequent system integrity impact (MSI:X)
Not defined: scoring uses the Base SI metric.
Modified subsequent system availability impact (MSA:X)
Not defined: scoring uses the Base SA metric.
Safety (supplemental) (S:X)
Not evaluated.
Automatable (supplemental) (AU:X)
Not evaluated.
Recovery (supplemental) (R:X)
Not evaluated.
Value density (supplemental) (V:X)
Not evaluated.
Vulnerability response effort (supplemental) (RE:X)
Not evaluated.
Provider urgency (supplemental) (U:X)
Not evaluated.
Score source: [email protected]
Base score 7.5, CVSS version 3.1, severity HIGH.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack vector (AV:L)
Local access is required: the attacker must already be able to run code on the host, here containers or builds.
Attack complexity (AC:H)
Exploitation depends on conditions outside the attacker's control, here winning a race between containers.
Privileges required (PR:L)
Low privileges suffice; the attacker does not need to be root on the host.
User interaction (UI:R)
A user must take an action, such as running an attacker-supplied image or Dockerfile.
Scope (S:C)
The impact extends beyond runc to the host and other containers.
Confidentiality (C:H)
Host and container data can be fully disclosed after an escape.
Integrity (I:H)
Arbitrary writes to procfs files allow host and kernel state to be modified.
Availability (A:H)
The host can be rendered unusable; the upstream advisory title also names denial of service.
Exploitability sub-score 0.8, impact sub-score 6.0. Score source: [email protected]

Weakness enumeration for CVE-2025-52881

GitHub Security Advisory for CVE-2025-52881

GHSA-cgrx-mc8f-2prm · Severity: high · Ecosystem: go — runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects

OS Trackers for CVE-2025-52881

vendor | priority | summary | link
alpine | (not given) | 3 source package rows (buildah, podman, runc); 60 state rows across 3 repos (3.22-community, 3.23-community, edge-community): fixed 18, open 42 | https://security.alpinelinux.org/vuln/CVE-2025-52881
debian | not yet assigned | 1 source package (runc); 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 3, resolved 2 | https://security-tracker.debian.org/tracker/CVE-2025-52881
redhat | high | (no summary) | https://access.redhat.com/security/cve/CVE-2025-52881
suse | high (severity important) | 482 source package names (2.0.4-5.5.402:podman-4.9.5-150500.3.56.2, 2.0.4-5.5.402:runc-1.3.3-150000.85.1, …); 1586 product×package rows across 278 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Container suse/sl-micro/6.0/base-os-container, …): Known Not Affected 761, Fixed 587, Known Affected 231, First Fixed 7 | https://www.suse.com/security/cve/CVE-2025-52881/
ubuntu | high | 3 source packages (runc, runc-app, runc-stable); 22 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): ignored 8, released 8, DNE 6 | https://ubuntu.com/security/CVE-2025-52881

Affected software / configurations for CVE-2025-52881

Vendor | Product | Version | Raw CPE
linuxfoundation | runc | < 1.2.8 | cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*
linuxfoundation | runc | >= 1.3.0, < 1.3.3 | cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*
linuxfoundation | runc | 1.4.0-rc.1 | cpe:2.3:a:linuxfoundation:runc:1.4.0:rc1:*:*:*:*:*:*
linuxfoundation | runc | 1.4.0-rc.2 | cpe:2.3:a:linuxfoundation:runc:1.4.0:rc2:*:*:*:*:*:*
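To apply the ranges in this table across a fleet, as an added example (my code, not runc's or NVD's): parse the first line of `runc --version` and classify it against the affected ranges above. Distribution builds with suffixes such as -0ubuntu1 are refused on purpose, because distros backport fixes and only the OS tracker rows above can answer for them. Function and type names are mine; the fallback sample output in main is constructed.

```go
// Added example, not runc's or NVD's code: classify `runc --version` output
// against the affected ranges < 1.2.8, >= 1.3.0 < 1.3.3, 1.4.0-rc.1/rc.2.
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"strconv"
	"strings"
)

// version is a runc release; rc == 0 means a final release.
type version struct{ major, minor, patch, rc int }

// less orders versions; a release candidate sorts before its final release.
func (v version) less(o version) bool {
	if v.major != o.major {
		return v.major < o.major
	}
	if v.minor != o.minor {
		return v.minor < o.minor
	}
	if v.patch != o.patch {
		return v.patch < o.patch
	}
	return v.rc != 0 && (o.rc == 0 || v.rc < o.rc)
}

// parseRuncVersion reads "runc version 1.4.0-rc.2" style output (first line).
// Distro suffixes such as "-0ubuntu1" are rejected: fixes are backported there,
// so the upstream version string alone is not evidence either way.
func parseRuncVersion(out string) (version, error) {
	fields := strings.Fields(strings.SplitN(out, "\n", 2)[0])
	if len(fields) == 0 {
		return version{}, errors.New("empty version output")
	}
	raw := strings.TrimPrefix(fields[len(fields)-1], "v")
	core, pre, _ := strings.Cut(raw, "-")
	core, _, _ = strings.Cut(core, "+") // drop build metadata such as "+dev"
	nums := strings.Split(core, ".")
	if len(nums) != 3 {
		return version{}, fmt.Errorf("unrecognised version %q", raw)
	}
	var v version
	for i, dst := range []*int{&v.major, &v.minor, &v.patch} {
		n, err := strconv.Atoi(nums[i])
		if err != nil {
			return version{}, fmt.Errorf("unrecognised version %q", raw)
		}
		*dst = n
	}
	if pre != "" {
		n, err := strconv.Atoi(strings.TrimPrefix(strings.TrimPrefix(pre, "rc"), "."))
		if err != nil || n < 1 {
			return version{}, fmt.Errorf("%q: not an upstream release or rc; use the OS tracker", raw)
		}
		v.rc = n
	}
	return v, nil
}

// runcAffected applies the ranges from the affected-software table.
func runcAffected(v version) bool {
	switch {
	case v.less(version{1, 2, 8, 0}): // every release before 1.2.8
		return true
	case v.major == 1 && v.minor == 3:
		return v.less(version{1, 3, 3, 0})
	case v.major == 1 && v.minor == 4 && v.patch == 0 && v.rc != 0:
		return v.rc < 3 // 1.4.0-rc.1 and 1.4.0-rc.2; rc.3 carries the fix
	}
	return false
}

func main() {
	out, err := exec.Command("runc", "--version").Output()
	if err != nil {
		out = []byte("runc version 1.3.2\n") // constructed sample when runc is absent
	}
	v, err := parseRuncVersion(string(out))
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Printf("%+v affected by CVE-2025-52881: %v\n", v, runcAffected(v))
}
```

For distribution packages compare the package version with the tracker rows above (SUSE, for instance, lists runc-1.3.3-150000.85.1 as fixed) rather than with the upstream ranges.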

References for CVE-2025-52881

URL Tags
http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322 Patch
http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3 Patch
https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md Patch
https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557 Patch
https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d Patch
https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58 Patch
https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6 Patch
https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f Patch
https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544 Patch
https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db Patch
https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28 Patch
https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2 Patch
https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165 Patch
https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64 Patch
https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1 Patch
https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51 Patch
https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480 Patch
https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2 Patch Third Party Advisory
https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm Exploit Mitigation Patch Third Party Advisory
https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r Patch Third Party Advisory