CVE-2025-2515 | THREATINT

Description

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized service execution, and potential system compromise.

PUBLISHED Reserved 2025-03-19 | Published 2025-12-24 | Updated 2025-12-24 | Assigner redhat

HIGH: 7.2CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Problem types

Incorrect Authorization

Product status

Default status

unaffected

Any version before 1.0.0

affected

Timeline

2025-03-19:	Reported to Red Hat.
2025-10-23:	Made public.

Credits

Red Hat would like to thank Thibault Guittet (RedHat) and Todd Cullum (RedHat) for reporting this issue.

References

access.redhat.com/security/cve/CVE-2025-2515 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2353313 (RHBZ#2353313) issue-tracking

github.com/...ommit/fe0d28301ce2bd45f0b1d8a98a94efef799fbc73

github.com/eclipse-bluechi/bluechi/issues/1069

github.com/eclipse-bluechi/bluechi/pull/1073

cve.org (CVE-2025-2515)

nvd.nist.gov (CVE-2025-2515)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu