Key Takeaways
Three critical vulnerabilities in runC, the low-level Open Container Initiative (OCI) runtime, have been disclosed, creating significant container security risks for environments using Docker and Kubernetes. The flaws could be exploited to achieve a Docker container escape, granting an attacker write access and root privileges on the host operating system.
AWS acknowledged that the flaws are “affecting the runC component of several open source container management systems” when launching new containers.
The vulnerabilities exploit race conditions and symbolic link (symlink) manipulations during the container initialization process, tricking runC into mounting attacker-controlled targets or performing arbitrary writes to sensitive host files.
An attacker able to start a container with custom mount configurations, for example through a malicious container image or Dockerfile, could exploit these runC vulnerabilities. However, there are no reports of active exploitation.
The maintainers of runC have released patches to address all three vulnerabilities. System administrators are strongly urged to update to runC versions 1.2.8, 1.3.3, 1.4.0-rc.3, or newer to remediate the flaws.
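As an added example (not code from the advisory or the runC project), the following Python check parses `runc --version` output and decides whether the installed release is at or above the fixed version for its branch, using the three versions listed above; treating the 1.1 series as unpatched and any branch newer than 1.4 as fixed are assumptions drawn from that list.

```python
import re
import subprocess

# Minimum fixed release per runc minor branch, as listed in the advisory.
# Branches older than 1.2 (e.g. 1.1.x) have no fixed release on the list and
# are treated as unpatched (assumption).
FIXED = {
    (1, 2): (1, 2, 8, None),
    (1, 3): (1, 3, 3, None),
    (1, 4): (1, 4, 0, 3),  # 1.4.0-rc.3
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:-rc\.?(\d+))?")


def parse_version(text):
    """Return (major, minor, patch, rc) from a version string or from the
    multi-line output of `runc --version`. rc is None for a final release."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no runc version found in {text!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch), int(rc) if rc else None)


def _sort_key(v):
    major, minor, patch, rc = v
    # A final release (flag 1) sorts after every rc (flag 0) of the same x.y.z;
    # among rcs, the higher rc number wins.
    return (major, minor, patch, 1 if rc is None else 0, rc or 0)


def runc_is_patched(text):
    """True if the runc version found in `text` carries the fixes."""
    v = parse_version(text)
    branch = (v[0], v[1])
    if branch in FIXED:
        return _sort_key(v) >= _sort_key(FIXED[branch])
    # Any branch newer than the listed ones is assumed to include the fixes.
    return branch > max(FIXED)


def check_local_runc(binary="runc"):
    """Run `runc --version` on this host; None if runc is not installed."""
    try:
        out = subprocess.run([binary, "--version"], capture_output=True,
                             text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return None
    return runc_is_patched(out)


if __name__ == "__main__":
    result = check_local_runc()
    print("runc not found" if result is None
          else "patched" if result else "VULNERABLE: update runc")
```

Docker and containerd ship their own runc binary, so point `check_local_runc` at the path the daemon actually uses (for example the one reported by `docker info`) rather than relying on whatever is first in `PATH`.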
On November 12, 2025, an updated Amazon ECS and EKS Optimized AMI will be available as the default Compute Environment AMI.
Among security measures are:
“AWS does not consider containers a security boundary, and does not utilize containers to isolate customers from each other,” the AWS advisory said. “There is no cross-customer risk from these issues.”
AWS encourages customers who use containers to isolate workloads within self-managed environments to consult their operating system vendor for any updates or instructions.