CVE-2025-62596

Name of the Vulnerable Software and Affected Versions Youki versions 0.5.6 and below

Description Youki, a container runtime written in Rust, has an issue with its apparmor handling. Insufficiently strict write-target validation, combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. A shared-mount race can substitute intermediate path components, redirecting the final target during path resolution.

Recommendations Update to Youki version 0.5.7 or later.