Bug 2404715 (CVE-2025-52881) - CVE-2025-52881 runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
Summary: CVE-2025-52881 runc: opencontainers/selinux: container escape and denial of s...
Keywords:
Status: NEW
Alias: CVE-2025-52881
Deadline: 2025-11-05
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2412965 2423984 2423988 2423992 2423998 2423999 2424000 2424001 2424002 2424003 2424004 2424005 2424006 2424007 2424008 2424009 2424010 2424012 2424013 2424015 2424016 2424022 2424023 2424027 2424032 2424033 2424034 2424035 2424036 2424037 2424038 2424039 2424040 2424041 2424043 2424045 2424046 2424053 2424055 2424068 2424069 2424072 2424075 2412964 2423983 2423985 2423986 2423987 2423989 2423990 2423991 2423993 2423994 2423995 2423996 2423997 2424011 2424014 2424017 2424018 2424019 2424020 2424021 2424024 2424025 2424026 2424028 2424029 2424030 2424031 2424044 2424048 2424051 2424057 2424059 2424060 2424063 2424066 2424071 2424073 2424074
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-10-17 15:10 UTC by OSIDB Bzimport
Modified: 2026-03-17 06:41 UTC (History)
114 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2025:19927 0 None None None 2025-11-07 18:01:05 UTC
Red Hat Product Errata RHSA-2025:20957 0 None None None 2025-11-11 15:00:21 UTC
Red Hat Product Errata RHSA-2025:21220 0 None None None 2025-11-13 09:03:34 UTC
Red Hat Product Errata RHSA-2025:21232 0 None None None 2025-11-13 10:36:13 UTC
Red Hat Product Errata RHSA-2025:21328 0 None None None 2025-11-20 07:48:48 UTC
Red Hat Product Errata RHSA-2025:21633 0 None None None 2025-11-18 00:12:20 UTC
Red Hat Product Errata RHSA-2025:21634 0 None None None 2025-11-18 00:23:27 UTC
Red Hat Product Errata RHSA-2025:21702 0 None None None 2025-11-18 15:27:04 UTC
Red Hat Product Errata RHSA-2025:21795 0 None None None 2025-11-27 04:22:44 UTC
Red Hat Product Errata RHSA-2025:21824 0 None None None 2025-11-27 11:07:19 UTC
Red Hat Product Errata RHSA-2025:22011 0 None None None 2025-11-25 05:17:11 UTC
Red Hat Product Errata RHSA-2025:22012 0 None None None 2025-11-25 04:58:44 UTC
Red Hat Product Errata RHSA-2025:22030 0 None None None 2025-11-25 07:55:04 UTC
Red Hat Product Errata RHSA-2025:22275 0 None None None 2025-12-05 13:27:18 UTC
Red Hat Product Errata RHSA-2025:23113 0 None None None 2026-01-07 07:15:34 UTC
Red Hat Product Errata RHSA-2025:23347 0 None None None 2025-12-18 10:03:06 UTC
Red Hat Product Errata RHSA-2025:23543 0 None None None 2025-12-18 04:19:53 UTC
Red Hat Product Errata RHSA-2026:0315 0 None None None 2026-01-15 00:20:08 UTC
Red Hat Product Errata RHSA-2026:0316 0 None None None 2026-01-15 05:11:25 UTC
Red Hat Product Errata RHSA-2026:0331 0 None None None 2026-01-15 19:03:06 UTC
Red Hat Product Errata RHSA-2026:0418 0 None None None 2026-01-15 19:06:34 UTC
Red Hat Product Errata RHSA-2026:0424 0 None None None 2026-01-12 02:16:06 UTC
Red Hat Product Errata RHSA-2026:0425 0 None None None 2026-01-12 03:35:19 UTC
Red Hat Product Errata RHSA-2026:0426 0 None None None 2026-01-12 03:25:27 UTC
Red Hat Product Errata RHSA-2026:0676 0 None None None 2026-01-22 19:46:35 UTC
Red Hat Product Errata RHSA-2026:0701 0 None None None 2026-01-22 18:46:00 UTC
Red Hat Product Errata RHSA-2026:0995 0 None None None 2026-01-30 15:07:20 UTC
Red Hat Product Errata RHSA-2026:1540 0 None None None 2026-02-05 16:31:35 UTC
Red Hat Product Errata RHSA-2026:2975 0 None None None 2026-02-25 14:35:22 UTC
Red Hat Product Errata RHSA-2026:3391 0 None None None 2026-03-04 15:41:48 UTC
Red Hat Product Errata RHSA-2026:3416 0 None None None 2026-03-04 08:58:21 UTC
Red Hat Product Errata RHSA-2026:4531 0 None None None 2026-03-12 20:53:24 UTC
Red Hat Product Errata RHSA-2026:4532 0 None None None 2026-03-12 20:57:36 UTC
Red Hat Product Errata RHSA-2026:4533 0 None None None 2026-03-12 21:30:52 UTC
Red Hat Product Errata RHSA-2026:4693 0 None None None 2026-03-17 06:40:59 UTC

Description OSIDB Bzimport 2025-10-17 15:10:11 UTC 
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
Comment 6 errata-xmlrpc 2025-11-07 18:01:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:19927 https://access.redhat.com/errata/RHSA-2025:19927
Comment 9 errata-xmlrpc 2025-11-11 15:00:15 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:20957 https://access.redhat.com/errata/RHSA-2025:20957
Comment 11 errata-xmlrpc 2025-11-13 09:03:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:21220 https://access.redhat.com/errata/RHSA-2025:21220
Comment 12 errata-xmlrpc 2025-11-13 10:36:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:21232 https://access.redhat.com/errata/RHSA-2025:21232
Comment 13 errata-xmlrpc 2025-11-18 00:12:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2025:21633 https://access.redhat.com/errata/RHSA-2025:21633
Comment 14 errata-xmlrpc 2025-11-18 00:23:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2025:21634 https://access.redhat.com/errata/RHSA-2025:21634
Comment 15 errata-xmlrpc 2025-11-18 15:26:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:21702 https://access.redhat.com/errata/RHSA-2025:21702
Comment 16 errata-xmlrpc 2025-11-20 07:48:43 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2025:21328 https://access.redhat.com/errata/RHSA-2025:21328
Comment 17 errata-xmlrpc 2025-11-25 04:58:39 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:22012 https://access.redhat.com/errata/RHSA-2025:22012
Comment 18 errata-xmlrpc 2025-11-25 05:17:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:22011 https://access.redhat.com/errata/RHSA-2025:22011
Comment 19 errata-xmlrpc 2025-11-25 07:54:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2025:22030 https://access.redhat.com/errata/RHSA-2025:22030
Comment 20 errata-xmlrpc 2025-11-27 04:22:39 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2025:21795 https://access.redhat.com/errata/RHSA-2025:21795
Comment 21 errata-xmlrpc 2025-11-27 11:07:14 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2025:21824 https://access.redhat.com/errata/RHSA-2025:21824
Comment 22 errata-xmlrpc 2025-12-05 13:27:13 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2025:22275 https://access.redhat.com/errata/RHSA-2025:22275
Comment 23 errata-xmlrpc 2025-12-18 04:19:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:23543 https://access.redhat.com/errata/RHSA-2025:23543
Comment 24 errata-xmlrpc 2025-12-18 10:02:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2025:23347 https://access.redhat.com/errata/RHSA-2025:23347
Comment 25 errata-xmlrpc 2026-01-07 07:15:26 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2025:23113 https://access.redhat.com/errata/RHSA-2025:23113
Comment 31 errata-xmlrpc 2026-01-12 02:15:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:0424 https://access.redhat.com/errata/RHSA-2026:0424
Comment 32 errata-xmlrpc 2026-01-12 03:25:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:0426 https://access.redhat.com/errata/RHSA-2026:0426
Comment 33 errata-xmlrpc 2026-01-12 03:35:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:0425 https://access.redhat.com/errata/RHSA-2026:0425
Comment 34 errata-xmlrpc 2026-01-15 00:20:00 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2026:0315 https://access.redhat.com/errata/RHSA-2026:0315
Comment 35 errata-xmlrpc 2026-01-15 05:11:18 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2026:0316 https://access.redhat.com/errata/RHSA-2026:0316
Comment 36 errata-xmlrpc 2026-01-15 19:02:59 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2026:0331 https://access.redhat.com/errata/RHSA-2026:0331
Comment 37 errata-xmlrpc 2026-01-15 19:06:25 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2026:0418 https://access.redhat.com/errata/RHSA-2026:0418
Comment 38 errata-xmlrpc 2026-01-22 18:45:52 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2026:0701 https://access.redhat.com/errata/RHSA-2026:0701
Comment 39 errata-xmlrpc 2026-01-22 19:46:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2026:0676 https://access.redhat.com/errata/RHSA-2026:0676
Comment 40 errata-xmlrpc 2026-01-30 15:07:12 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2026:0995 https://access.redhat.com/errata/RHSA-2026:0995
Comment 41 errata-xmlrpc 2026-02-05 16:31:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2026:1540 https://access.redhat.com/errata/RHSA-2026:1540
Comment 42 errata-xmlrpc 2026-02-25 14:35:14 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2026:2975 https://access.redhat.com/errata/RHSA-2026:2975
Comment 43 errata-xmlrpc 2026-03-04 08:58:12 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2026:3416 https://access.redhat.com/errata/RHSA-2026:3416
Comment 44 errata-xmlrpc 2026-03-04 15:41:40 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.19

Via RHSA-2026:3391 https://access.redhat.com/errata/RHSA-2026:3391
Comment 45 errata-xmlrpc 2026-03-12 20:53:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4531 https://access.redhat.com/errata/RHSA-2026:4531
Comment 46 errata-xmlrpc 2026-03-12 20:57:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4532 https://access.redhat.com/errata/RHSA-2026:4532
Comment 47 errata-xmlrpc 2026-03-12 21:30:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4533 https://access.redhat.com/errata/RHSA-2026:4533
Comment 48 errata-xmlrpc 2026-03-17 06:40:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:4693 https://access.redhat.com/errata/RHSA-2026:4693
Note You need to log in before you can comment on or make changes to this bug.