NIXPKGS-2025-0020

published on 2 Oct 2025

Permalink CVE-2025-0750

updated 4 months ago by @Erethon Activity log

Created automatic suggestion 1 year ago
@fricklerhandwerk accepted 1 year ago
@Erethon published on GitHub 4 months ago

Cri-o: cri-o path traversal in log handling functions allows arbitrary unmounting

A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.

Affected products

cri-o

*
<1.33.1

rhcos

Matching in nixpkgs

pkgs.cri-o

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

nixos-unstable 1.31.2
- nixpkgs-unstable 1.31.2
- nixos-unstable-small 1.31.3

pkgs.cri-o-unwrapped

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

nixos-unstable 1.31.2
- nixpkgs-unstable 1.31.2
- nixos-unstable-small 1.31.3

Package maintainers

@saschagrunert Sascha Grunert <mail@saschagrunert.de>
@vdemeester Vincent Demeester <vincent@sbr.pm>

Nixpkgs Security Tracker

Details of issue NIXPKGS-2025-0020

Affected products

Matching in nixpkgs

pkgs.cri-o

pkgs.cri-o-unwrapped

Package maintainers