Container Privilege Escalation Flaw in KServe ModelMesh by Red Hat
CVE-2025-57852
Key Information:
- Vendor: Red Hat
- CVE Published: 30 September 2025
What is CVE-2025-57852?
A potential security flaw has been identified in the KServe ModelMesh container images that allows privilege escalation because of improperly set permissions on the /etc/passwd file. During the container's build process, this file can be left with group-writable permissions. An attacker who gains access to the container environment, even as a non-root user, can exploit their membership in the root group to modify /etc/passwd and create a new user with an arbitrary User ID, including the highly privileged UID 0, potentially gaining full root access within the container environment.
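A defensive check for the condition described above, as an added example that is not code from Red Hat or the KServe project: it flags a group- or world-writable /etc/passwd and any UID 0 account other than root. It assumes the image's filesystem has been unpacked into a directory; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not vendor code). Audits an unpacked container root
# filesystem for the /etc/passwd weakness described in this advisory.
# Usage: audit_image /path/to/unpacked-rootfs   (path is an assumption)

# passwd_writable ROOTFS
# Returns 0 if ROOTFS/etc/passwd has the group-write or other-write bit set,
# 1 if it does not, 2 if the file is missing.
passwd_writable() {
    f="$1/etc/passwd"
    [ -f "$f" ] || return 2
    # POSIX find: "-perm -MODE" matches when every bit in MODE is set.
    [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# extra_uid0 ROOTFS
# Prints the names of accounts whose UID field is 0 but are not "root".
# Such an entry is what a successful edit of a writable passwd file leaves behind.
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1/etc/passwd"
}

# audit_image ROOTFS
# Prints findings; returns 0 if clean, 1 on any finding, 2 if passwd is missing.
audit_image() {
    if [ ! -f "$1/etc/passwd" ]; then
        echo "ERROR: $1/etc/passwd not found"
        return 2
    fi
    rc=0
    if passwd_writable "$1"; then
        echo "FINDING: $1/etc/passwd is group- or world-writable (expected mode 0644)"
        rc=1
    fi
    extra=$(extra_uid0 "$1")
    if [ -n "$extra" ]; then
        echo "FINDING: non-root account(s) with UID 0:" $extra
        rc=1
    fi
    return $rc
}
```

The same permission check can gate an image build: fail the pipeline when `audit_image` returns non-zero, and set the file to mode 0644 in the build step that creates it.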
Affected Version(s)
Red Hat OpenShift AI 2.16 sha256:97e2bd9b587f08e135a9aeb9b3e0dc6eafa1a9bdacbb5ecb681ce9bd5aa37fc9
Red Hat OpenShift AI 2.19 sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16
Red Hat OpenShift AI 2.21 sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b