PatchSiren cyber security CVE debrief
CVE-2025-8766 Red Hat CVE debrief
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
- Vendor: Red Hat
- Product: Red Hat OpenShift Data Foundation 4
- CVSS: MEDIUM 6.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-13
- Original CVE updated: 2026-06-05
- Advisory published: 2026-03-13
- Advisory updated: 2026-06-05
Who should care
Users of Red Hat OpenShift Data Foundation 4.0
Technical summary
The /etc/passwd file is created with group-writable permissions during build time. An attacker who can execute commands within an affected container can leverage their membership in the root group to modify the /etc/passwd file.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches and updates provided by Red Hat to address the vulnerability.
- Restrict access to affected containers to only trusted users.
- Monitor container logs for suspicious activity.
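A check for the condition described in the technical summary, as an added example (not code from Red Hat or from the advisory): it reports whether /etc/passwd under a given root filesystem is group- or world-writable and lists any account other than root that is mapped to UID 0. The function names and the rootfs parameter are assumptions of this example.

```python
import os
import stat


def audit_passwd(rootfs="/"):
    """Inspect <rootfs>/etc/passwd for the permission flaw described above.

    rootfs is an assumption of this example: "/" inside a running container,
    or a directory where an image filesystem has been unpacked.
    """
    path = os.path.join(rootfs, "etc", "passwd")
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)

    # Collect every account whose UID field parses to 0.
    uid0 = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            fields = line.rstrip("\n").split(":")
            if line.startswith("#") or len(fields) < 3:
                continue
            uid = fields[2].strip()
            if uid.isdigit() and int(uid) == 0:
                uid0.append(fields[0])

    group_writable = bool(mode & stat.S_IWGRP)
    return {
        "path": path,
        "mode": format(mode, "04o"),
        "gid": st.st_gid,
        "group_writable": group_writable,
        "world_writable": bool(mode & stat.S_IWOTH),
        # The condition on this page: members of group root (GID 0) can write.
        "root_group_can_write": st.st_gid == 0 and group_writable,
        # Any UID 0 entry besides "root" deserves review.
        "extra_uid0_accounts": [name for name in uid0 if name != "root"],
    }


def is_clean(report):
    """True when the file is not group/world writable and only root has UID 0."""
    return not (report["group_writable"] or report["world_writable"]
                or report["extra_uid0_accounts"])


if __name__ == "__main__":
    result = audit_passwd("/")
    for key, value in result.items():
        print(f"{key}: {value}")
    raise SystemExit(0 if is_clean(result) else 1)
```

The non-zero exit status makes the script usable as an image build gate or a scheduled check inside running containers.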
Evidence notes
The CVE-2025-8766 record was published on 2026-03-13T19:53:56.157Z and last modified on 2026-06-05T19:54:17.780Z.
Official resources
- CVE-2025-8766 CVE record (CVE.org)
- CVE-2025-8766 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: [email protected] - Third Party Advisory
- Mitigation or vendor reference: [email protected] - Third Party Advisory