CVE-2025-2713

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-2713
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-2713.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-2713
Downstream
Published
2025-03-28T16:15:30.043Z
Modified
2026-02-26T01:23:21.282160Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork.

References

Affected packages

Git / github.com/google/gvisor

Affected ranges

Type
GIT
Repo
https://github.com/google/gvisor
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e1ffb147787ac37d003c60519a7e859a80f89b1f

Affected versions

release-20190304.*
release-20190304.1
release-20190529.*
release-20190529.1
release-20190722.*
release-20190722.1
release-20190806.*
release-20190806.1
release-20191104.*
release-20191104.0
release-20191114.*
release-20191114.0
release-20191129.*
release-20191129.0
release-20191210.*
release-20191210.0
release-20191213.*
release-20191213.0
release-20200115.*
release-20200115.0
release-20200127.*
release-20200127.0
release-20200211.*
release-20200211.0
release-20200219.*
release-20200219.0
release-20200323.*
release-20200323.0
release-20200413.*
release-20200413.0
release-20200422.*
release-20200422.0
release-20200511.*
release-20200511.0
release-20200518.*
release-20200518.0
release-20200522.*
release-20200522.0
release-20200601.*
release-20200601.0
release-20200608.*
release-20200608.0
release-20200622.*
release-20200622.1
release-20200804.*
release-20200804.0
release-20200810.*
release-20200810.0
release-20200818.*
release-20200818.0
release-20200907.*
release-20200907.0
release-20200914.*
release-20200914.0
release-20200921.*
release-20200921.0
release-20200928.*
release-20200928.0
release-20201005.*
release-20201005.0
release-20201012.*
release-20201012.0
release-20201019.*
release-20201019.0
release-20201027.*
release-20201027.0
release-20201030.*
release-20201030.0
release-20201109.*
release-20201109.0
release-20201117.*
release-20201117.0
release-20201130.*
release-20201130.0
release-20201208.*
release-20201208.0
release-20201216.*
release-20201216.0
release-20210112.*
release-20210112.0
release-20210121.*
release-20210121.1
release-20210125.*
release-20210125.0
release-20210201.*
release-20210201.0
release-20210208.*
release-20210208.0
release-20210301.*
release-20210301.0
release-20210309.*
release-20210309.0
release-20210315.*
release-20210315.0
release-20210322.*
release-20210322.0
release-20210408.*
release-20210408.0
release-20210412.*
release-20210412.0
release-20210419.*
release-20210419.0
release-20210503.*
release-20210503.0
release-20210510.*
release-20210510.0
release-20210518.*
release-20210518.0
release-20210601.*
release-20210601.0
release-20210607.*
release-20210607.0
release-20210614.*
release-20210614.0
release-20210622.*
release-20210622.0
release-20210628.*
release-20210628.0
release-20210705.*
release-20210705.0
release-20210712.*
release-20210712.0
release-20210720.*
release-20210720.0
release-20210726.*
release-20210726.0
release-20210806.*
release-20210806.0
release-20210816.*
release-20210816.0
release-20210823.*
release-20210823.0
release-20210830.*
release-20210830.0
release-20210906.*
release-20210906.0
release-20210921.*
release-20210921.0
release-20210927.*
release-20210927.0
release-20211005.*
release-20211005.0
release-20211011.*
release-20211011.0
release-20211019.*
release-20211019.0
release-20211026.*
release-20211026.0
release-20211101.*
release-20211101.0
release-20211108.*
release-20211108.0
release-20211115.*
release-20211115.0
release-20211122.*
release-20211122.0
release-20211129.*
release-20211129.0
release-20220103.*
release-20220103.0
release-20220117.*
release-20220117.0
release-20220124.*
release-20220124.0
release-20220131.*
release-20220131.0
release-20220208.*
release-20220208.0
release-20220214.*
release-20220214.0
release-20220221.*
release-20220221.0
release-20220222.*
release-20220222.0
release-20220228.*
release-20220228.0
release-20220309.*
release-20220309.0
release-20220314.*
release-20220314.0
release-20220321.*
release-20220321.0
release-20220328.*
release-20220328.0
release-20220405.*
release-20220405.0
release-20220411.*
release-20220411.0
release-20220418.*
release-20220418.0
release-20220425.*
release-20220425.0
release-20220502.*
release-20220502.1
release-20220510.*
release-20220510.0
release-20220516.*
release-20220516.0
release-20220606.*
release-20220606.0
release-20220621.*
release-20220621.0
release-20220627.*
release-20220627.0
release-20220704.*
release-20220704.0
release-20220713.*
release-20220713.0
release-20220718.*
release-20220718.0
release-20220801.*
release-20220801.0
release-20220808.*
release-20220808.0
release-20220815.*
release-20220815.0
release-20220822.*
release-20220822.0
release-20220905.*
release-20220905.0
release-20220913.*
release-20220913.0
release-20220919.*
release-20220919.0
release-20220926.*
release-20220926.0
release-20221003.*
release-20221003.0
release-20221010.*
release-20221010.0
release-20221017.*
release-20221017.0
release-20221026.*
release-20221026.0
release-20221102.*
release-20221102.1
release-20221107.*
release-20221107.0
release-20221122.*
release-20221122.0
release-20221128.*
release-20221128.0
release-20221205.*
release-20221205.0
release-20221212.*
release-20221212.0
release-20221219.*
release-20221219.0
release-20230102.*
release-20230102.0
release-20230109.*
release-20230109.0
release-20230118.*
release-20230118.0
release-20230123.*
release-20230123.0
release-20230130.*
release-20230130.0
release-20230214.*
release-20230214.0
release-20230227.*
release-20230227.0
release-20230306.*
release-20230306.0
release-20230313.*
release-20230313.0
release-20230320.*
release-20230320.0
release-20230327.*
release-20230327.0
release-20230417.*
release-20230417.0
release-20230501.*
release-20230501.0
release-20230508.*
release-20230508.0
release-20230517.*
release-20230517.0
release-20230522.*
release-20230522.0
release-20230529.*
release-20230529.0
release-20230605.*
release-20230605.0
release-20230621.*
release-20230621.0
release-20230627.*
release-20230627.0
release-20230710.*
release-20230710.0
release-20230717.*
release-20230717.0
release-20230724.*
release-20230724.0
release-20230731.*
release-20230731.0
release-20230801.*
release-20230801.0
release-20230807.*
release-20230807.0
release-20230814.*
release-20230814.0
release-20230823.*
release-20230823.0
release-20230904.*
release-20230904.0
release-20230911.*
release-20230911.0
release-20230920.*
release-20230920.0
release-20230925.*
release-20230925.0
release-20231003.*
release-20231003.0
release-20231009.*
release-20231009.0
release-20231016.*
release-20231016.0
release-20231023.*
release-20231023.0
release-20231030.*
release-20231030.0
release-20231106.*
release-20231106.0
release-20231113.*
release-20231113.0
release-20231120.*
release-20231120.0
release-20231204.*
release-20231204.0
release-20231211.*
release-20231211.0
release-20231218.*
release-20231218.0
release-20240109.*
release-20240109.0
release-20240115.*
release-20240115.0
release-20240122.*
release-20240122.0
release-20240129.*
release-20240129.0
release-20240206.*
release-20240206.0
release-20240212.*
release-20240212.0
release-20240305.*
release-20240305.0
release-20240311.*
release-20240311.0

Database specific

vanir_signatures 
[
    {
        "id": "CVE-2025-2713-03e5ed0f",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "987311230596704344963499087642512643",
                "71951412179097876717608766614907006387",
                "160707445793111294189659153068046278640",
                "144516135713139208523067105826992476969",
                "98274917187627560292695531658977843199",
                "280038435893020112415055307429409833632",
                "65570565448779031504661038384452736637",
                "162175069984543986683411973822755644117",
                "224182529936298398885381809273423839089",
                "106461853330453344771300417014098745254",
                "60202344809128481004252555690415696349",
                "60063360857373039625478709454960523353",
                "232824914436416352972637396424806301571",
                "192492773791665838436033261265162205908",
                "17547826281782737523060171366706858914"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/google/gvisor/commit/e1ffb147787ac37d003c60519a7e859a80f89b1f",
        "signature_type": "Line",
        "target": {
            "file": "test/util/test_util.h"
        }
    },
    {
        "id": "CVE-2025-2713-79a8757a",
        "signature_version": "v1",
        "digest": {
            "function_hash": "216268905067353538568695623042931707340",
            "length": 99.0
        },
        "deprecated": false,
        "source": "https://github.com/google/gvisor/commit/e1ffb147787ac37d003c60519a7e859a80f89b1f",
        "signature_type": "Function",
        "target": {
            "file": "test/util/test_util.h",
            "function": "SpecificErrno"
        }
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-2713.json"