MGASA-2025-0271

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2025-31133 CVE-2025-52565 CVE-2025-52881

Published: 09 Nov 2025, 07:52

Last modified:16 Apr 2026, 04:21

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

09 Nov 2025, 07:52

Published

Vulnerability first disclosed

16 Apr 2026, 04:21

Last Modified

Vulnerability information updated

Description

Updated opencontainers-runc packages fix security vulnerabilities The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt (CVE-2025-31133) and a flaw in /dev/console bind-mounts can lead to container escape (CVE-2025-52565). Also, arbitrary write gadgets and procfs write redirects could be used to engineer container escape and denial of service (CVE-2025-52881).

Affected Systems

mageia•opencontainers-runc
< 1.2.8-2.1.mga9

References (5)

https://advisories.mageia.org/MGASA-2025-0271.html
https://bugs.mageia.org/show_bug.cgi?id=34719
https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm
https://www.openwall.com/lists/oss-security/2025/11/05/3