CVE-2025-57850

Name of the Vulnerable Software and Affected Versions CodeReady Workspaces (affected versions not specified)

Description A container privilege escalation flaw exists in certain CodeReady Workspaces images. The issue arises from the /etc/passwd file being created with group-writable permissions during the build process. An attacker with command execution within an affected container, even as a non-root user, can exploit their root group membership to modify the /etc/passwd file. This allows the attacker to add a new user with an arbitrary UID, potentially including UID 0, resulting in full root privileges within the container.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.