Critical runC Vulnerabilities Discovered in Docker and Kubernetes
Full Transcript
Three newly disclosed vulnerabilities in the runC container runtime, critical for Docker and Kubernetes, could allow attackers to bypass container isolation and gain access to the host system. These vulnerabilities, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were reported by SUSE software engineer and Open Container Initiative board member Aleksa Sarai. runC is the universal container runtime responsible for low-level operations, including creating container processes and managing namespaces. If exploited, the vulnerabilities could grant an attacker write access to the underlying host with root privileges.
CVE-2025-31133 allows an attacker to replace /dev/null with a symlink during container initialization, enabling the bind-mounting of an attacker-controlled target into the container. This could lead to unauthorized writes to critical system files, facilitating a container escape. CVE-2025-52565 affects how the /dev/console bind mount can be redirected, potentially exposing writable access to sensitive procfs entries. Lastly, CVE-2025-52881 can trick runC into performing writes to /proc, bypassing Linux Security Module relabel protections, allowing arbitrary writes to dangerous files like /proc/sysrq-trigger.
CVE-2025-31133 and CVE-2025-52881 affect all versions of runC, while CVE-2025-52565 impacts versions 1.0.0-rc3 and later. Fixes are available in runC versions 1.2.8, 1.3.3, and 1.4.0-rc.3 and later. Sysdig, a cloud security company, highlights that exploiting these vulnerabilities requires the ability to start containers with custom mount configurations, which could be achieved through malicious container images or Dockerfiles. Currently, there are no reports of these flaws being actively exploited in the wild. Sysdig advises monitoring for suspicious symlink behaviors to detect attempts to exploit these vulnerabilities.
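The affected and fixed version numbers above are the first thing an operator needs to turn into a check across a fleet. The following Python script is an added example, not code from the transcript or from the runC project: it parses a runC version string (or the first line of `runc --version` output), orders release candidates before their final release, and reports the state of each of the three CVEs. The assumptions are stated in the comments: a release is treated as fixed when it is at or after the fixed release of its own 1.x branch or on a branch newer than 1.4, and a branch with no listed fixed release (such as 1.1.x) is treated as unpatched.

```python
import re

# Version facts from the advisory summary. Interpretation (an assumption of this
# example): a release is fixed if it is at or after the fixed release of its own
# 1.x branch, or on a branch newer than 1.4; branches with no listed fixed
# release (such as 1.1.x) are treated as unpatched.
FIXED_RELEASES = [(1, 2, 8, None), (1, 3, 3, None), (1, 4, 0, 3)]
CVE_52565_FIRST_AFFECTED = (1, 0, 0, 3)          # 1.0.0-rc3
ALL_VERSIONS_CVES = ("CVE-2025-31133", "CVE-2025-52881")

VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-rc\.?(\d+))?")


def parse_version(text):
    """Parse '1.4.0-rc.3', '1.0.0-rc3' or 'v1.2.8' into (major, minor, patch, rc)."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised runC version: {text!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch), None if rc is None else int(rc))


def version_from_cli_output(output):
    """Extract the version from the 'runc version X' line of `runc --version` output."""
    m = re.search(r"runc version (\S+)", output)
    if not m:
        raise ValueError("no 'runc version' line found")
    return m.group(1)


def sort_key(v):
    major, minor, patch, rc = v
    # A release candidate sorts before the final release with the same number.
    return (major, minor, patch, rc is None, rc or 0)


def is_fixed(v):
    branch = (v[0], v[1])
    newest_fixed_branch = max((f[0], f[1]) for f in FIXED_RELEASES)
    if branch > newest_fixed_branch:
        return True
    for f in FIXED_RELEASES:
        if (f[0], f[1]) == branch:
            return sort_key(v) >= sort_key(f)
    return False


def assess(version_text):
    """Return {CVE id: 'vulnerable' | 'fixed' | 'not affected'} for one runC version."""
    v = parse_version(version_text)
    state = "fixed" if is_fixed(v) else "vulnerable"
    result = {cve: state for cve in ALL_VERSIONS_CVES}
    # CVE-2025-52565 only affects 1.0.0-rc3 and later.
    if sort_key(v) < sort_key(CVE_52565_FIRST_AFFECTED):
        result["CVE-2025-52565"] = "not affected"
    else:
        result["CVE-2025-52565"] = state
    return result


if __name__ == "__main__":
    # Constructed sample of `runc --version` output; the commit value is a placeholder.
    sample = "runc version 1.2.7\ncommit: <placeholder>\nspec: 1.2.0\n"
    for cve, state in assess(version_from_cli_output(sample)).items():
        print(cve, state)
```

Feed it the output of `runc --version` collected from each node; any "vulnerable" entry means the node needs one of the fixed releases listed above.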
To mitigate the risks, runC developers recommend enabling user namespaces for all containers without mapping the host root user into the container's namespace. This precaution could help prevent significant parts of the attack due to Unix discretionary access control permissions. Sysdig also suggests using rootless containers to further reduce the potential damage from any exploitation attempts. The discovery of these critical vulnerabilities emphasizes the ongoing challenges in securing containerized applications within Docker and Kubernetes environments.
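The three flaws share one shape, a symlink or bind mount redirecting /dev/null, /dev/console or a /proc path, and the recommended mitigation is a user namespace that does not map host uid 0 into the container. The following Python audit is an added example, not code from the transcript, from Sysdig or from the runC project. It checks an OCI runtime config.json (the field names `mounts`, `linux.namespaces` and `linux.uidMappings` follow the OCI runtime specification) for bind mounts onto those sensitive destinations, checks an unpacked image rootfs for symlinks at those locations, and checks whether a user namespace is enabled with a mapping that keeps host root out. The two configs and the temporary rootfs it builds are constructed for the demonstration.

```python
import os
import tempfile

# Container paths that the three advisories describe being replaced by a
# symlink or redirected by a bind mount. A symlink at these locations in the
# image rootfs, or a bind mount whose destination is one of them, is the kind
# of suspicious symlink behaviour a defender wants surfaced before the
# container starts.
SENSITIVE_PATHS = ("/dev/null", "/dev/console", "/proc")


def mount_findings(config):
    """Flag bind mounts in an OCI runtime config whose destination is sensitive."""
    findings = []
    for m in config.get("mounts", []):
        dest = m.get("destination", "")
        opts = m.get("options", [])
        is_bind = m.get("type") == "bind" or any(o in ("bind", "rbind") for o in opts)
        sensitive = dest in SENSITIVE_PATHS or dest.startswith("/proc/")
        if is_bind and sensitive:
            findings.append(f"bind mount onto {dest} from {m.get('source')!r}")
    return findings


def rootfs_findings(rootfs):
    """Flag symlinks at sensitive locations inside an unpacked image rootfs."""
    findings = []
    for rel in ("dev/null", "dev/console", "proc"):
        path = os.path.join(rootfs, rel)
        if os.path.islink(path):
            findings.append(f"{rel} in rootfs is a symlink to {os.readlink(path)!r}")
    return findings


def userns_findings(config):
    """Check the mitigation from the text: user namespace on, host uid 0 not mapped in."""
    linux = config.get("linux", {})
    ns_types = {ns.get("type") for ns in linux.get("namespaces", [])}
    if "user" not in ns_types:
        return ["no user namespace: container root is host root"]
    findings = []
    for m in linux.get("uidMappings", []):
        host, size = m.get("hostID", 0), m.get("size", 0)
        if host <= 0 < host + size:
            findings.append(f"uid mapping exposes host uid 0 (hostID={host}, size={size})")
    return findings


def audit(config, rootfs=None):
    """Combine the three checks; an empty list means nothing was flagged."""
    findings = mount_findings(config) + userns_findings(config)
    if rootfs is not None:
        findings += rootfs_findings(rootfs)
    return findings


# Constructed configs (not from any real deployment). The first has no user
# namespace and a bind mount onto /dev/console; the second enables a user
# namespace whose mapping starts at host uid 100000.
WEAK_CONFIG = {
    "root": {"path": "rootfs"},
    "mounts": [
        {"destination": "/proc", "type": "proc", "source": "proc"},
        {"destination": "/dev/console", "type": "bind", "source": "/tmp/constructed",
         "options": ["rbind", "rw"]},
    ],
    "linux": {"namespaces": [{"type": "pid"}, {"type": "mount"}]},
}
HARDENED_CONFIG = {
    "root": {"path": "rootfs"},
    "mounts": [{"destination": "/proc", "type": "proc", "source": "proc"}],
    "linux": {
        "namespaces": [{"type": "pid"}, {"type": "mount"}, {"type": "user"}],
        "uidMappings": [{"containerID": 0, "hostID": 100000, "size": 65536}],
        "gidMappings": [{"containerID": 0, "hostID": 100000, "size": 65536}],
    },
}


def demo_weak():
    """Audit WEAK_CONFIG against a constructed rootfs where dev/null is a symlink."""
    with tempfile.TemporaryDirectory() as rootfs:
        os.makedirs(os.path.join(rootfs, "dev"))
        os.symlink("/constructed-target", os.path.join(rootfs, "dev", "null"))
        return audit(WEAK_CONFIG, rootfs)


if __name__ == "__main__":
    for line in demo_weak():
        print("FINDING:", line)
    print("hardened config findings:", audit(HARDENED_CONFIG))
```

Run it against the config.json and unpacked rootfs of an image before admitting it to a cluster; the user namespace check also doubles as a quick confirmation that the mitigation recommended above is actually applied to a given container.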