Description

A container privilege escalation flaw was found in certain Ansible Automation Platform images. This issue arises from the /etc/passwd file being created with group-writable permissions during the build process. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This vulnerability allows an attacker to add a new user with any arbitrary UID, including UID 0, gaining full root privileges within the container.
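The following audit script is an added example, not part of the Red Hat record or any Ansible Automation Platform image: it checks a container root filesystem for the condition the description names (a group-writable /etc/passwd) and for the precondition on the caller's side (a non-root user whose group list contains GID 0), and demonstrates on a constructed rootfs that the build-time remediation (chmod 0644) clears the finding. The function names and the 0664/0644 modes are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the CVE record): audit a container rootfs for the
# CVE-2025-57847 condition, a group-writable /etc/passwd that a non-root
# user holding GID 0 could edit to add a UID 0 account.

# Return 0 if FILE is group-writable, 1 otherwise. Parses ls -l so it works
# on both GNU and BSD userlands, whose stat(1) flags differ.
is_group_writable() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case "$mode" in
        ?????w????) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if the calling user is not root but has GID 0 in its group list,
# the "membership in the root group" precondition from the description.
in_root_group_but_not_root() {
    [ "$(id -u)" -ne 0 ] || return 1
    for g in $(id -G); do
        [ "$g" -eq 0 ] && return 0
    done
    return 1
}

# Audit one rootfs (default /): return 1 with a finding when /etc/passwd is
# group-writable, 0 when it is not, 2 when the file is missing.
audit_passwd() {
    f="${1:-/}/etc/passwd"
    [ -f "$f" ] || { echo "no passwd file at $f"; return 2; }
    if is_group_writable "$f"; then
        echo "FINDING: $f is group-writable: $(ls -ld "$f")"
        return 1
    fi
    echo "ok: $f is not group-writable"
}

# Offline demonstration on a constructed rootfs: the flawed mode (0664) is
# flagged, and the build-time fix (RUN chmod 0644 /etc/passwd) clears it.
demo() {
    tmp=$(mktemp -d) && mkdir -p "$tmp/etc"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$tmp/etc/passwd"
    chmod 0664 "$tmp/etc/passwd"
    weak=0; audit_passwd "$tmp" || weak=$?
    chmod 0644 "$tmp/etc/passwd"
    fixed=0; audit_passwd "$tmp" || fixed=$?
    rm -rf "$tmp"
    echo "weak=$weak fixed=$fixed"   # weak=1 fixed=0
}
demo
```

To scan a built image rather than the running host, extract its filesystem (for example with `podman export` or `docker export`) and pass the extracted directory to `audit_passwd`.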

Status: PUBLISHED | Reserved 2025-08-21 | Published 2026-04-08 | Updated 2026-04-08 | Assigner: redhat

Severity: MEDIUM, base score 6.4 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

Problem types

Incorrect Default Permissions

Product status

Default status: affected (15 product entries)
Default status: unaffected (1 product entry)

Timeline

2025-08-26: Reported to Red Hat.
2026-04-08: Made public.

Credits

Red Hat would like to thank Antony Di Scala and Mike Whale for reporting this issue.

References

access.redhat.com/security/cve/CVE-2025-57847 (vdb-entry)

bugzilla.redhat.com/show_bug.cgi?id=2391092 (RHBZ#2391092, issue-tracking)

cve.org (CVE-2025-57847)

nvd.nist.gov (CVE-2025-57847)