Insecure User Permissions in Operator-SDK from Red Hat
CVE-2025-7195

5.2MEDIUM

Key Information:

Vendor

Red Hat
Status
Compliance Operator 1
File Integrity Operator 1
Multicluster Engine For Kubernetes 2.6
Multicluster Engine For Kubernetes 2.7
Vendor
CVE Published:
7 August 2025

What is CVE-2025-7195?

Early releases of the Operator-SDK from Red Hat contained a security flaw that allowed the /etc/passwd file to be built with insecure group-writable permissions. This issue arises from the use of the 'user_setup' script, which modifies file permissions during the container image build process. If an attacker gains access to an impacted container, they can exploit their non-root user membership in the root group to alter the /etc/passwd file. This exploitation could allow the attacker to create new user accounts with arbitrary user IDs, including root privileges, posing a severe security risk to the container and its environment.

Affected Version(s)

Compliance Operator 1 sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02

File Integrity Operator 1 sha256:1d10b1fd2f76dd5e8c97c38747e621c39aca11b7b64cb820c1264680b7686138

multicluster engine for Kubernetes 2.6 sha256:46013beb1d8f782e92088ad4ea2d10155c67edb8d613966a5c069340bcac5ddd

References

https://access.redhat.com/errata/RHSA-2025:19332
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19335
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19958
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
5.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.