CVE-2025-62161: youki container escape via "masked path" abuse due to mount race conditions
(updated )
Impact
youki utilizes bind mounting the container’s /dev/null as a file mask. When performing this operation, the initial validation of the source /dev/null was insufficient. Specifically, we initially failed to verify whether /dev/null was genuinely present. However, we did perform validation to ensure that the /dev/null path existed within the container, including checking for symbolic links. Additionally, there was a vulnerability in the timing between validation and the actual mount operation.
As a result, by replacing /dev/null with a symbolic link, we can bind-mount arbitrary files from the host system.
This is a different project, but the core logic is similar to the CVE in runc. Issues were identified in runc, and verification was also conducted in youki to confirm the problems. https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
Credits
Thanks to Lei Wang (@ssst0n3 from Huawei) for finding and reporting the original runc’s vulnerability (Attack 1), and Li Fubang (@lifubang from acmcoder.com, CIIC) for discovering another attack vector in runc (Attack 2) based on @ssst0n3’s initial findings.
Also, @cyphar helped youki in finding the problem.
References
- github.com/advisories/GHSA-4g74-7cff-xcv8
- github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2
- github.com/youki-dev/youki
- github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a
- github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8
- nvd.nist.gov/vuln/detail/CVE-2025-62161
Code Behaviors & Features
Detect and mitigate CVE-2025-62161 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →