Path Traversal Vulnerability in CRI-O Affects Node-Level Operations
CVE-2025-0750

6.6MEDIUM

Key Information:

Status
Red Hat Openshift Container Platform 4.17
Red Hat Openshift Container Platform 4
Vendor
CVE Published:
28 January 2025

What is CVE-2025-0750?

A significant vulnerability exists in the CRI-O log management functionalities, specifically within the UnMountPodLogs and LinkContainerLogs methods. This flaw allows a malicious actor, possessing the necessary permissions to create and delete Pods, to exploit path traversal techniques. By doing so, they may unmount arbitrary host paths, potentially compromising node stability and availability. Such actions could culminate in a denial of service at the node level, impacting the integrity and performance of critical system directories.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2025:1122
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0750
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2339405
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Dongha Kim for reporting this issue.
JSON
.