CVE-2025-52565
Publication date 5 November 2025
Last updated 5 November 2025
Ubuntu priority
Description
container escape with malicious config due to /dev/console mount and related races
Read the notes from the security team
Why is this CVE high priority?
runc developers have rated this as being high severity
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| runc | 25.10 questing | Ignored backport too intrusive |
| 25.04 plucky | Ignored backport too intrusive | |
| 24.04 LTS noble | Ignored backport too intrusive | |
| 22.04 LTS jammy | Ignored backport too intrusive | |
| 20.04 LTS focal | Ignored backport too intrusive | |
| 18.04 LTS bionic | Ignored backport too intrusive | |
| 16.04 LTS xenial | Ignored backport too intrusive | |
| runc-app | 25.10 questing |
Fixed 1.3.3-0ubuntu1~25.10.2
|
| 25.04 plucky |
Fixed 1.3.3-0ubuntu1~25.04.2
|
|
| 24.04 LTS noble |
Fixed 1.3.3-0ubuntu1~24.04.2
|
|
| 22.04 LTS jammy |
Fixed 1.3.3-0ubuntu1~22.04.2
|
|
| 20.04 LTS focal | Ignored backport too intrusive | |
| runc-stable | 25.10 questing |
Fixed 1.3.3-0ubuntu1~25.10.2
|
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release |
Notes
sbeattie
src:runc-app provides the runc binaries, src:runc provides golang-github-opencontainers-runc-dev in older releases. See LP: #2022390 and LP: #2040460 for details.
References
Related Ubuntu Security Notices (USN)
- USN-7851-1
- runC vulnerabilities
- 4 November 2025