{ "affected": [ { "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "bd54457ba9de1629f21fe678687f433aec63e7c7" } ], "repo": "https://github.com/youki-dev/youki", "type": "GIT" } ] } ], "aliases": [ "GHSA-vf95-55w6-qmrf" ], "database_specific": { "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-363", "CWE-61" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62596.json" }, "details": "Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path component-by-component, a shared-mount race can substitute intermediate components and redirect the final target. This issue is fixed in version 0.5.7.", "id": "CVE-2025-62596", "modified": "2026-04-01T23:09:47.148160656Z", "published": "2025-11-05T23:14:37.167Z", "references": [ { "type": "WEB", "url": "https://pkg.go.dev/github.com/cyphar/filepath-securejoin/pathrs-lite/procfs" }, { "type": "WEB", "url": "https://youtu.be/tGseJW_uBB8" }, { "type": "WEB", "url": "https://youtu.be/y1PaBzxwRWQ" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62596.json" }, { "type": "ADVISORY", "url": "https://github.com/youki-dev/youki/security/advisories/GHSA-vf95-55w6-qmrf" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62596" }, { "type": "FIX", "url": "https://github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "type": "CVSS_V4" } ], "summary": "youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects" }