VIR Vulnerability Intelligence Relay

CVE-2025-52881

high
Published 2025-11-07 · Modified 2025-11-19
CVSS v3
CVSS v2
VIR risk
8.0

Description

Important: runc security update

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-20957.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-19927.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-21232.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2404708

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2404705

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2025:21232

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-22011.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2407258

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-21702.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-23543.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2404715

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2025:23543

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2025-52881

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:20957

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:21702

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:22011

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2025-52881.html

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:22011

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:21702

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:20957

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:19927

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:21232

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:23543

OS impact
OSVersionStatusFixed in
rockylinux rocky8fixed
redhat rhel9fixed
suse slesaffected
rockylinux rocky9fixed
debian debianbookwormaffected
debian debianbullseyeaffected
debian debianforkyfixed1.3.3+ds1-2
debian debiansidfixed1.3.3+ds1-2
debian debiantrixieaffected

Package impact
EcosystemPackageVulnerableFixed
golang Gogithub.com/opencontainers/runc<1.2.81.2.8
golang Gogithub.com/opencontainers/selinux<1.13.01.13.0
golang Gogithub.com/opencontainers/runc>=1.3.0-rc.1,<1.3.31.3.3
golang Gogithub.com/opencontainers/runc>=1.4.0-rc.1,<1.4.0-rc.31.4.0-rc.3

References

Verify integrity in audit chain (admin only). AS-IS.