CVE-2025-0750

CVSS v3.1

6.6

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions CRI-O (affected versions not specified)

Description A path traversal issue in the log management functions, specifically UnMountPodLogs and LinkContainerLogs, may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths. This could lead to node-level denial of service by unmounting critical system directories.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2025-0750

GHSA-HP5J-2585-QX6G

GO-2025-3426

OPENSUSE-SU-2025:14728-1

OPENSUSE-SU-2025_0429-1

RHSA-2025:1122

SUSE-SU-2025:0429-1

Affected Products

Cri-O

Suse

CVE-2025-0750

Weakness Enumeration

Related Identifiers

Affected Products

References · 43