6.4
CVE-2025-57852
- EPSS 0.01%
- Veröffentlicht 30.09.2025 15:15:53
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Openshift-ai: privilege escalation via excessive /etc/passwd permissions
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift AI 2.16
Default Statusaffected
Version
sha256:97e2bd9b587f08e135a9aeb9b3e0dc6eafa1a9bdacbb5ecb681ce9bd5aa37fc9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift AI 2.19
Default Statusaffected
Version
sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift AI 2.21
Default Statusaffected
Version
sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift AI 2.22
Default Statusaffected
Version
sha256:1709fa3c79aad4ba7eb9be8299949396092c8e20210124e0c0936385bc04e839
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift AI 2.24
Default Statusaffected
Version
sha256:92629b1462ca2ed121dd2f3069a005d78e00e1344d330d6a8710f53ec58b74b8
Version <
*
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.018 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 6.4 | 0.5 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-276 Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.