Alerts This Week
Warning Icon 1 717
Alerts This Week
Warning Icon 1 717

Fedora 43: runc High Risk Security Fix 2025-ebd4913540 CVE-2025-31133

fedora
Calendar Grey November 14, 2025
Dist Fedora Esm H88
Federation 43 releases runc 1.3.3 with security updates for multiple CVEs ensuring container security.
Update to release v1.3.3

Summary

The runc command can be used to start containers which are packaged

in accordance with the Open Container Initiative's specifications,

and to manage containers running under runc.

Update Information:

Update to release v1.3.3

Topics%20covered

Topics Covered

security advisory fedora high runc container management cve-2025-31133

Change Log

* Wed Nov 5 2025 Bradley G Smith - 2:1.3.3-1 - Update to release v1.3.3 - Resolves: rhbz#2411664, rhbz#2411410, rhbz#2411148 - Resolves: rbhz#2410768, rhbz#2410512, rhbz#2410233 - Resolves: rhbz#2409818, rhbz#2409561, rhbz#2409284 - Resolves: rhbz#2408345, rhbz#2408091, rhbz#2407818 - Security. Fixes CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - Upstream new feature

References


[ 1 ] Bug #2407818 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407818 [ 2 ] Bug #2408091 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408091 [ 3 ] Bug #2408345 - CVE-2025-58189 runc: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408345 [ 4 ] Bug #2409284 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409284 [ 5 ] Bug #2409561 - CVE-2025-61723 runc: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409561 [ 6 ] Bug #2409818 - CVE-2025-6...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ebd4913540' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: runc
Product: Fedora 43
Version: 1.3.3
Release: 1.fc43
URL: https://github.com/opencontainers/runc
Summary: CLI for running Open Containers

Topics%20covered

Topics Covered

security advisory fedora high runc container management cve-2025-31133

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here