ALSA-2025:19927

[ALSA-2025:19927] Important: runc security update

Type:

security

Severity:

important

Release date:

2025-11-10

Description:

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.  

Security Fix(es):  

  * runc: container escape via 'masked path' abuse due to mount race conditions (CVE-2025-31133)
  * runc: container escape with malicious config due to /dev/console mount and related races (CVE-2025-52565)
  * runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	runc-1.2.5-3.el9_6.aarch64.rpm	0fc1baae6db8f9fc9a1f13fbe837360ae3b8533a775d19d039869b57701694f3
ppc64le	runc-1.2.5-3.el9_6.ppc64le.rpm	f9e2c08793284ac95ac628a7f3395d81082315b63f711ee2e8f2eb44a3e6f223
s390x	runc-1.2.5-3.el9_6.s390x.rpm	1f81a90565da1d20e7b1b4d1141879bfc422bfe16b1538411040fcf8d2e3f245
x86_64	runc-1.2.5-3.el9_6.x86_64.rpm	711a40b34b32bbe49d4b2caefd5573401a3d409f5a14199f139f3aa679af7ec2

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.