Container Privilege Escalation Flaw in CodeReady Workspaces by Red Hat
CVE-2025-57850

5.2MEDIUM

Key Information:

Vendor

Red Hat
Status
Red Hat Openshift Dev Spaces
Vendor
CVE Published:
2 December 2025

What is CVE-2025-57850?

A vulnerability exists in CodeReady Workspaces images that enables a privilege escalation threat in container environments. This arises from the /etc/passwd file being configured with group-writable permissions during the build process. Consequently, if an attacker, regardless of their user status within the container, executes commands, they can exploit their membership in the root group to manipulate the /etc/passwd file. This can lead to adding a new user with any arbitrary UID, including UID 0, which grants full root privileges within the container, compromising the integrity and security of the application.

References

https://access.redhat.com/security/cve/CVE-2025-57850
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2391103
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
5.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.