Runtime bugs break container walls, enabling root on Docker hosts

Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881

The second vulnerability, tracked as CVE-2025-52565, targets runc's handling of the "/dev/console" bind-mount. An attacker can replace the target path with a symlink, causing runc to bind-mount onto the wrong target and giving the attacker write access to procfs paths. "As with CVE-2025-31133, this happens after pivot_root(2) and so cannot be used to bind-mount host files directly, but an attacker can trick runc into creating a read-write bind-mount of /proc/sys/kernel/core_pattern or /proc/sysrq-trigger, leading to a complete container breakout," Sarai said, adding that all versions from 1.0.0-rc3 onward are affected.

The third flaw (CVE-2025-52881) lets an attacker bypass Linux Security Modules (LSMs) such as SELinux or AppArmor by redirecting runc's writes to procfs files. Once the LSM labels are effectively neutered, writes to host-level procfs become possible, enabling full host compromise. "Based on our analysis, neither AppArmor nor SELinux can protect against the full version of the redirected write attack," Sarai said. "The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout." Using rootless containers can help, as doing so blocks most of the inadvertent writes, Sarai added.

Additional analysis from Sysdig confirmed that all three flaws require the ability to start containers with custom mount configurations, which is easily obtained through untrusted container images and Dockerfiles. Exploitation of these flaws can be detected by monitoring for suspicious symlink behaviour, Sysdig said; it has added detection rules for this to Sysdig Secure and Falco.
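The two mechanisms above, the symlink swap that redirects a bind-mount target and the symlink monitoring Sysdig describes, are easier to reason about with a concrete model. The following is an added example written for this page; it is not runc's code, Sysdig's rule, or anything from the CSO article. It builds a throwaway rootfs in a temporary directory in which dev/console has been replaced by a symlink into procfs (as an untrusted image could ship), shows that a realpath-plus-prefix check accepts that target while a component-wise resolver that refuses to follow symlinks rejects it, and runs a toy detector over constructed syscall events. The event field names (container, syscall, linkpath, target) and the functions naive_target, safe_target and suspicious_symlinks are this example's own inventions. No mounts are performed and no privileges are needed.

```python
"""Added example: symlink-swap against a bind-mount target, and a toy detector.
Not runc, Sysdig or Falco code; all names and sample data here are constructed."""
import os
import shutil
import stat
import tempfile


def make_rootfs():
    """Constructed container rootfs: dev/console is a symlink (relative, as it
    would be inside an image) pointing at a procfs write gadget."""
    root = os.path.realpath(tempfile.mkdtemp(prefix="rootfs-"))
    os.makedirs(os.path.join(root, "dev"))
    os.makedirs(os.path.join(root, "proc", "sys", "kernel"))
    with open(os.path.join(root, "proc", "sys", "kernel", "core_pattern"), "w") as f:
        f.write("core\n")  # stand-in for the real procfs file
    os.symlink("../proc/sys/kernel/core_pattern", os.path.join(root, "dev", "console"))
    return root


def naive_target(root, target):
    """The pattern to avoid: resolve with realpath, accept if still under root.
    A symlink inside the rootfs passes the prefix check, yet a mount done by
    path afterwards lands on the symlink's destination, not on dev/console."""
    resolved = os.path.realpath(os.path.join(root, target.lstrip("/")))
    if not resolved.startswith(root + os.sep):
        raise PermissionError("target escapes rootfs")
    return resolved


def safe_target(root, target):
    """Hardened resolver: walk the target one component at a time, each lookup
    anchored to the previous directory fd and opened with O_NOFOLLOW, so a
    symlink anywhere in the path is refused instead of followed.  A real
    runtime would keep the final component as an fd and mount through it
    rather than by the returned path string; the string is returned here so
    the result is easy to inspect."""
    fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY | os.O_CLOEXEC)
    try:
        parts = [p for p in target.split("/") if p and p != "."]
        if not parts:
            raise ValueError("empty mount target")
        for i, name in enumerate(parts):
            if name == "..":
                raise PermissionError("'..' not allowed in mount target")
            st = os.stat(name, dir_fd=fd, follow_symlinks=False)
            if stat.S_ISLNK(st.st_mode):
                raise PermissionError("symlink in mount target: " + "/".join(parts[: i + 1]))
            if i == len(parts) - 1:
                return os.path.join(root, *parts)
            # O_NOFOLLOW makes a swap between the stat above and this open fail with ELOOP.
            nfd = os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW | os.O_CLOEXEC, dir_fd=fd)
            os.close(fd)
            fd = nfd
    finally:
        os.close(fd)


SAMPLE_EVENTS = [  # constructed telemetry, not real captures
    {"container": "c1", "syscall": "symlinkat", "linkpath": "/dev/console",
     "target": "../proc/sys/kernel/core_pattern"},
    {"container": "c1", "syscall": "symlink", "linkpath": "/tmp/link",
     "target": "/etc/hostname"},
    {"container": "", "syscall": "symlink", "linkpath": "/dev/console",
     "target": "/proc/sysrq-trigger"},  # host process, not a container: ignored
]


def suspicious_symlinks(events):
    """Toy detector: flag symlink()/symlinkat() calls from inside a container
    whose lexically normalised destination points into procfs."""
    hits = []
    for ev in events:
        if ev["syscall"] not in ("symlink", "symlinkat") or not ev.get("container"):
            continue
        dest = os.path.normpath(os.path.join(os.path.dirname(ev["linkpath"]), ev["target"]))
        if dest == "/proc" or dest.startswith("/proc/"):
            hits.append((ev["container"], ev["linkpath"], dest))
    return hits


def demo():
    """Run both resolvers against the constructed rootfs and return the outcomes."""
    root = make_rootfs()
    try:
        naive = naive_target(root, "/dev/console")
        try:
            safe_target(root, "/dev/console")
            safe_error = None
        except PermissionError as e:
            safe_error = str(e)
        legit = safe_target(root, "/dev")  # a plain directory is still accepted
    finally:
        shutil.rmtree(root)
    return {"root": root, "naive": naive, "safe_error": safe_error, "legit": legit}


if __name__ == "__main__":
    print(demo())
    print(suspicious_symlinks(SAMPLE_EVENTS))
```

The naive resolver reports a path under the rootfs and would happily proceed; the hardened one stops at dev/console. The detector is deliberately simple (lexical normalisation, no awareness of the container's own mount table), which is enough to illustrate the signal the article points at but is not a substitute for the vendor rules.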

First seen on csoonline.com

Jump to article: www.csoonline.com/article/4087323/runtime-bugs-break-container-walls-enabling-root-on-docker-hosts.html
