{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-57852", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-08-21T14:40:40.822Z", "datePublished": "2025-09-30T14:37:10.024Z", "dateUpdated": "2026-03-06T23:45:29.053Z"}, "containers": {"cna": {"title": "Openshift-ai: privilege escalation via excessive /etc/passwd permissions", "metrics": [{"other": {"content": {"value": "Low", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.16", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhoai/odh-modelmesh-rhel8", "defaultStatus": "affected", "versions": [{"version": "sha256:97e2bd9b587f08e135a9aeb9b3e0dc6eafa1a9bdacbb5ecb681ce9bd5aa37fc9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_ai:2.16::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.19", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhoai/odh-modelmesh-rhel8", "defaultStatus": "affected", "versions": [{"version": "sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_ai:2.19::el8"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.21", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhoai/odh-modelmesh-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_ai:2.21::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.22", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhoai/odh-modelmesh-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:1709fa3c79aad4ba7eb9be8299949396092c8e20210124e0c0936385bc04e839", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_ai:2.22::el9"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.24", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rhoai/odh-modelmesh-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:92629b1462ca2ed121dd2f3069a005d78e00e1344d330d6a8710f53ec58b74b8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_ai:2.24::el9"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:16981", "name": "RHSA-2025:16981", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16982", "name": "RHSA-2025:16982", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16983", "name": "RHSA-2025:16983", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16984", "name": "RHSA-2025:16984", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:17501", "name": "RHSA-2025:17501", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-57852", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105", "name": "RHBZ#2391105", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2025-09-30T14:25:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-276: Incorrect Default Permissions", "timeline": [{"lang": "en", "time": "2025-08-26T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-09-30T14:25:00.000Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-03-06T23:45:29.053Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-30T15:27:58.164163Z", "id": "CVE-2025-57852", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-30T15:35:07.031Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-57852", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-30T15:27:58.164163Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-30T15:28:00.770Z"}}], "cna": {"title": "Openshift-ai: privilege escalation via excessive /etc/passwd permissions", "credits": [{"lang": "en", "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Low", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/a:redhat:openshift_ai:2.16::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.16", "versions": [{"status": "unaffected", "version": "sha256:97e2bd9b587f08e135a9aeb9b3e0dc6eafa1a9bdacbb5ecb681ce9bd5aa37fc9", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhoai/odh-modelmesh-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift_ai:2.19::el8"], "vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.19", "versions": [{"status": "unaffected", "version": "sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhoai/odh-modelmesh-rhel8", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift_ai:2.21::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.21", "versions": [{"status": "unaffected", "version": "sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhoai/odh-modelmesh-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift_ai:2.22::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.22", "versions": [{"status": "unaffected", "version": "sha256:1709fa3c79aad4ba7eb9be8299949396092c8e20210124e0c0936385bc04e839", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhoai/odh-modelmesh-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift_ai:2.24::el9"], "vendor": "Red Hat", "product": "Red Hat OpenShift AI 2.24", "versions": [{"status": "unaffected", "version": "sha256:92629b1462ca2ed121dd2f3069a005d78e00e1344d330d6a8710f53ec58b74b8", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhoai/odh-modelmesh-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-08-26T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-09-30T14:25:00.000Z", "value": "Made public."}], "datePublic": "2025-09-30T14:25:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:16981", "name": "RHSA-2025:16981", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16982", "name": "RHSA-2025:16982", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16983", "name": "RHSA-2025:16983", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:16984", "name": "RHSA-2025:16984", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:17501", "name": "RHSA-2025:17501", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-57852", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105", "name": "RHBZ#2391105", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-03-06T23:45:29.053Z"}, "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"}}, "cveMetadata": {"cveId": "CVE-2025-57852", "state": "PUBLISHED", "dateUpdated": "2026-03-06T23:45:29.053Z", "dateReserved": "2025-08-21T14:40:40.822Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-09-30T14:37:10.024Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}, {"lang": "es", "value": "Una falla de escalada de privilegios de contenedor fue encontrada en las im\u00e1genes de contenedor de KServe ModelMesh. Este problema se origina en que el archivo /etc /passwd es creado con permisos de escritura para el grupo durante el tiempo de compilaci\u00f3n. En ciertas condiciones, un atacante que puede ejecutar comandos dentro de un contenedor afectado, incluso como un usuario no-root, puede aprovechar su membres\u00eda en el grupo root para modificar el archivo /etc /passwd. Esto podr\u00eda permitir al atacante a\u00f1adir un nuevo usuario con cualquier UID arbitrario, incluyendo UID 0, lo que lleva a privilegios de root completos dentro del contenedor."}], "id": "CVE-2025-57852", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2025-09-30T15:15:53.720", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:16981"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:16982"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:16983"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:16984"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:17501"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-57852"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.", "bugzilla": {"description": "openshift-ai: privilege escalation via excessive /etc/passwd permissions", "id": "2391105", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L", "status": "draft"}, "cwe": "CWE-276", "details": ["A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."], "name": "CVE-2025-57852", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "impact": "low", "package_name": "rhoai/odh-modelmesh-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "impact": "low", "package_name": "rhoai/odh-modelmesh-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2025-09-30T14:25:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-57852\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-57852"], "statement": "Red Hat Security Ratings classify this as a Low and not Moderate in Red Hat OpenShift AI due to the restrictive SCC profile used for the ModelMesh containers. The restricted-v2 profile fully mitigates this vulnerability by dropping the SETUID and SETGID privileges, blocking the two system calls from processes within the container and preventing privilege escalation.", "threat_severity": "Low"}

{}