vulnerability

Red Hat OpenShift: CVE-2025-0750: cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:S/C:P/I:P/A:C)	Jan 28, 2025	Feb 13, 2025	Aug 11, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:P/I:P/A:C)

Published

Jan 28, 2025

Added

Feb 13, 2025

Modified

Aug 11, 2025

Description

A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.

Solution

linuxrpm-upgrade-cri-o

References

CVE-2025-0750
https://attackerkb.com/topics/CVE-2025-0750
CWE-22
REDHAT-RHSA-2025:1122

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today