PT-2025-33308 · Youki · Youki
Saku3
·
Published
2025-08-14
·
Updated
2025-08-15
·
CVE-2025-54867
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Youki versions prior to 0.5.5
Description:
If
/proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. Container creation should be prohibited if /proc or /sys in the rootfs is a symbolic link.Recommendations:
Update to Youki version 0.5.5 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Youki