CVE-2025-0750

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Jan 28, 2025

Updated: Feb 11, 2025

CWE ID 22

Summary

CVE-2025-0750 is a newly discovered vulnerability affecting CRI-O, an open-source container runtime for Kubernetes. The issue lies within the log management functions, UnMountPodLogs and LinkContainerLogs. An attacker with the ability to create and delete Pods can exploit this path traversal weakness, potentially unmounting arbitrary host paths. This denial-of-service vulnerability targets critical system directories, leading to node-level disruptions. By unmounting essential files, an attacker can hinder the normal functioning of the Kubernetes node.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/21woBa
https://www.cve.org/CVERecord?id=CVE-2025-0750
https://nvd.nist.gov/vuln/detail/CVE-2025-0750

Back to Vulnerability Database

CVE-2025-0750

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations