GHSA-856v-8qm2-9wjv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-856v-8qm2-9wjv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-856v-8qm2-9wjv/GHSA-856v-8qm2-9wjv.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-856v-8qm2-9wjv
- Aliases
-
- CVE-2025-7195
- GO-2025-3852
- Published
- 2025-08-07T21:31:08Z
- Modified
- 2026-03-24T15:47:03.928520Z
- Severity
-
- 5.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L CVSS Calculator
- Summary
- operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
- Details
-
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure usersetup script is still being used to build new container images. In affected images, the /etc/passwd file was created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
- Database specific
{ "cwe_ids": [ "CWE-276" ], "github_reviewed": true, "nvd_published_at": "2025-08-07T19:15:29Z", "severity": "MODERATE", "github_reviewed_at": "2025-08-07T21:59:46Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2025-7195
- https://github.com/operator-framework/operator-sdk
- https://bugzilla.redhat.com/show_bug.cgi?id=2376300
- https://access.redhat.com/security/cve/CVE-2025-7195
- https://access.redhat.com/errata/RHSA-2026:5633
- https://access.redhat.com/errata/RHSA-2026:2572
- https://access.redhat.com/errata/RHSA-2026:0737
- https://access.redhat.com/errata/RHSA-2026:0722
- https://access.redhat.com/errata/RHSA-2026:0718
- https://access.redhat.com/errata/RHSA-2026:0627
- https://access.redhat.com/errata/RHSA-2025:23542
- https://access.redhat.com/errata/RHSA-2025:23529
- https://access.redhat.com/errata/RHSA-2025:23528
- https://access.redhat.com/errata/RHSA-2025:22684
- https://access.redhat.com/errata/RHSA-2025:22683
- https://access.redhat.com/errata/RHSA-2025:22420
- https://access.redhat.com/errata/RHSA-2025:22418
- https://access.redhat.com/errata/RHSA-2025:22416
- https://access.redhat.com/errata/RHSA-2025:22415
- https://access.redhat.com/errata/RHSA-2025:21885
- https://access.redhat.com/errata/RHSA-2025:21368
- https://access.redhat.com/errata/RHSA-2025:19961
- https://access.redhat.com/errata/RHSA-2025:19958
- https://access.redhat.com/errata/RHSA-2025:19335
- https://access.redhat.com/errata/RHSA-2025:19332
- https://access.redhat.com/errata/RHEA-2026:0129
- https://access.redhat.com/errata/RHEA-2025:23478
- https://access.redhat.com/errata/RHEA-2025:23406
- https://access.redhat.com/errata/RHBA-2024:11569
Affected packages
Go / github.com/operator-framework/operator-sdk
Package
- Name
- github.com/operator-framework/operator-sdk
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/operator-framework/operator-sdk