Updated opencontainers-runc packages fix security vulnerabilities
Publication date: 09 Nov 2025Modification date: 09 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-31133 , CVE-2025-52565 , CVE-2025-52881
Description
The way masked paths are implemented in runc can be exploited to cause
the host system to crash or halt (CVE-2025-31133) and a flaw in
/dev/console bind-mounts can lead to container escape (CVE-2025-52565).
Also, arbitrary write gadgets and procfs write redirects could be used
to engineer container escape and denial of service (CVE-2025-52881).
References
- https://bugs.mageia.org/show_bug.cgi?id=34719
- https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
- https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm
- https://www.openwall.com/lists/oss-security/2025/11/05/3
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31133
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52565
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52881
SRPMS
9/core
- opencontainers-runc-1.2.8-2.1.mga9