CVE-2025-57854 (CVSS 6.4)
Red Hat · Red Hat OpenShift Update Service

Osus-operator: privilege escalation via excessive /etc/passwd permissions

Description

A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
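As an added defender-side check, not code from the advisory or the OSUS project, the audit below tests the two conditions the description combines (a group-writable /etc/passwd and a non-root process that belongs to GID 0) and applies the file-mode fix. The temp-dir path, the sample passwd lines and the UID are constructed for the demo.

```python
import os
import stat
import tempfile

def is_group_writable(path):
    """True when the group write bit is set on path (the CWE-276 condition)."""
    return bool(os.stat(path).st_mode & stat.S_IWGRP)

def gid0_primary_users(passwd_text):
    """Non-root accounts whose primary GID is 0 in /etc/passwd content."""
    found = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 4 and fields[2] != "0" and fields[3] == "0":
            found.append(fields[0])
    return found

def audit_passwd(passwd_path, uid, gids):
    """Combine the file mode with the process identity (uid, group list).

    In a live check pass os.geteuid() and os.getgroups() + [os.getgid()].
    """
    writable = is_group_writable(passwd_path)
    non_root_in_gid0 = uid != 0 and 0 in gids
    return {"group_writable": writable,
            "non_root_in_gid0": non_root_in_gid0,
            "at_risk": writable and non_root_in_gid0}

def harden(passwd_path):
    """Clear the group/other write bits (0644) and return the resulting mode."""
    os.chmod(passwd_path, 0o644)
    return os.stat(passwd_path).st_mode & 0o777

def demo():
    """Constructed sample in a temp dir, not a real OSUS image."""
    path = os.path.join(tempfile.mkdtemp(), "passwd")
    with open(path, "w") as fh:
        fh.write("root:x:0:0:root:/root:/bin/bash\n")
        # hypothetical arbitrary-UID account whose primary group is GID 0
        fh.write("app:x:1000680000:0::/home/app:/sbin/nologin\n")
    os.chmod(path, 0o664)  # group-writable, as in the affected build
    before = audit_passwd(path, uid=1000680000, gids=[0])
    harden(path)
    after = audit_passwd(path, uid=1000680000, gids=[0])
    return before, after
```

Run against an unpacked image filesystem, the same functions report whether the build-time permission is present before the process-level context is even considered.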

Affected Products

Vendor:   Red Hat
Product:  Red Hat OpenShift Update Service
Versions: — (not listed)

References

  • https://access.redhat.com/security/cve/CVE-2025-57854 (vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2391107 (issue-tracking, x_refsource_REDHAT)

Related News (1 article)

  • Tier C · VulDB · 2h ago
    CVE-2025-57854 | Red Hat OpenShift Update Service default permission
    → No new info (linked only)

CVSS 3.1: 6.4 NONE
CISA KEV: No
Actively exploited: No
CWE: CWE-276
Published: Apr 8, 2026
Last enriched: 2h ago (v2)
Trending Score: 25
Source articles: 1
Independent: 1
Info Completeness: 7/14
Missing: versions, epss, kev, exploit, patch, iocs, mitre_attack

Related CVEs (5)

  • CVE-2026-4634 [HIGH] [EXP]
    Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
    Trending: 58
  • CVE-2026-4636 [HIGH] [EXP]
    Keycloak: keycloak: uma policy bypass allows authenticated users to gain unauthorized access to victim-owned resources.
    Trending: 56
  • CVE-2026-5745 [NONE] [EXP]
    Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
    Trending: 50
  • CVE-2026-3872 [NONE] [EXP]
    Keycloak: keycloak: information disclosure due to redirect_uri validation bypass
    Trending: 48
  • CVE-2026-4282 [NONE] [EXP]
    Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
    Trending: 48

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published:     Apr 8, 2026
Discovered by ZDM: Apr 8, 2026
Updated: severity: Apr 8, 2026

Version History

v2 · Tier C · 2h ago (last enriched 2h ago)

Updated severity to CRITICAL and corrected exploit availability to false.

Field changed: severity (via VulDB)

v1 · 2h ago

Initial creation