CVE-2025-57854

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.4 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

Vulnerability Details

Published Date

April 08, 2026

Last Modified

April 08, 2026

CWE ID

CWE-276

Source

NVD

Vendor

Red Hat

Product

Red Hat OpenShift Update Service

External References

https://access.redhat.com/security/cve/CVE-2025-57854
https://bugzilla.redhat.com/show_bug.cgi?id=2391107

CVE-2025-57854

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment