Ubuntu 25.10: runC Critical Denial of Service Threat USN-7851-2

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: USN-7851-1 introduced a regression in runC Software Description: - runc-app: Open Container Project - runc-stable: Open Container Project Details: USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possibly replace a container's /dev/null with a symlink to some other procfs file and possibly escape a container. (CVE-2025-31133) Lei Wang and Li Fubang discovered that runC incorrectly handled the /dev/console bind-mounts. An attacker could potentially exploit this issue to build-mount a symlink and escape a container. (CVE-2025-52565) Li Fubang and Tõnis Tiigi discovered that the fix ...