CVE-2025-27612: libcontainer Privilege Escalation Flaw

CVE-2025-27612 Overview

CVE-2025-27612 affects libcontainer, a Rust library used by the youki container runtime project for container lifecycle control. The flaw resides in the tenant builder logic, which constructs a tenant container that joins an existing container's namespaces. When callers supply a list of Linux capabilities to add to the tenant, the builder writes those values into the inherited capability set without proper restriction. This behavior parallels CVE-2022-29162 in runc and can lead to elevation of capabilities inside the tenant process. The issue is fixed in libcontainer 0.5.3.

Critical Impact

A local actor invoking the tenant builder API can cause excessive Linux capabilities to be granted to a tenant container, weakening the security boundary of the host and co-tenant workloads.

Affected Products

• youki libcontainer crate prior to version 0.5.3
• Downstream projects consuming libcontainer directly and using the tenant builder
• The youki binary itself is not affected

Discovery Timeline

• 2025-03-21 - CVE-2025-27612 published to NVD
• 2026-04-15 - Last updated in NVD database

Technical Details for CVE-2025-27612

Vulnerability Analysis

The vulnerability is classified as Incorrect Default Permissions [CWE-276]. The tenant builder in libcontainer allows API consumers to pass an additional list of capabilities to be assigned to a tenant container that attaches to an existing container's namespaces. The intent is to extend the tenant's effective privileges to perform a specific operation. The implementation, however, writes the supplied capabilities into the tenant's inherited capability set unconditionally. Inherited capabilities propagate across execve calls when a file capability mask permits them, which broadens the privilege scope beyond what the caller intended. Because the tenant container shares namespaces with the main container, the elevated capabilities operate within that shared security context.

Root Cause

The defect is in the tenant builder source at crates/libcontainer/src/container/tenant_builder.rs. The code path adds caller-supplied capabilities to the main container's capability sets when a spec is present, and otherwise assigns the supplied list as the tenant's capability set. In both branches the inherited set is populated, which is the elevation primitive. See the youki tenant_builder.rs reference and the fix commit.

Attack Vector

Exploitation requires local access and the ability to invoke the tenant builder API of a vulnerable libcontainer consumer. An actor able to influence the capability list passed to the builder can cause the resulting tenant process to receive elevated inherited capabilities. The runtime impact depends on which capabilities are granted and how the tenant interacts with files carrying file capabilities. Refer to the youki GHSA-5w4j-f78p-4wh9 advisory for the upstream description.

Detection Methods for CVE-2025-27612

Indicators of Compromise

• Tenant container processes whose /proc/<pid>/statusCapInh mask is broader than expected for the workload.
• Build manifests or service code that depend on libcontainer versions earlier than 0.5.3.
• Unexpected execution of privileged binaries inside containers created through the tenant builder API.

Detection Strategies

• Inventory Rust dependencies across container tooling and identify projects pinned to libcontainer < 0.5.3.
• Audit calls to the tenant builder for use of with_capabilities or equivalent parameters and review the supplied capability lists.
• Compare runtime capability sets of tenant containers against their declared OCI spec to detect drift.

Monitoring Recommendations

• Collect Linux audit records for capset and execve events from containerized workloads and alert on inherited capabilities outside an approved baseline.
• Track exec events that gain capabilities not present in the parent's effective set.
• Monitor for upgrades and downgrades of the libcontainer crate in CI artifact metadata.

How to Mitigate CVE-2025-27612

Immediate Actions Required

• Upgrade libcontainer to version 0.5.3 or later in all dependent projects and rebuild affected binaries.
• Review every code path that invokes the tenant builder and restrict the capability list to the minimum required.
• Re-deploy services that embed libcontainer so running processes use the patched library.

Patch Information

The fix is included in libcontainer 0.5.3 and is delivered through the commit referenced in the youki commit history. The patch corrects how the tenant builder assigns capabilities so that the inherited set is not populated unconditionally. Additional context is published in the youki GHSA-5w4j-f78p-4wh9 advisory and the related runc GHSA-f3fp-gc8g-vw66 advisory.

Workarounds

• Avoid passing additional capabilities to the tenant builder until the patched version is deployed.
• Restrict access to APIs and CLI wrappers that expose the tenant builder to non-privileged local users.
• Apply file capability hygiene by removing unnecessary file capabilities from binaries inside container images to limit the impact of an elevated inherited set.