CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc container issues
Summary
Three security vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) were found in runc, a component used by container management systems (tools that package and run isolated software environments). AWS says these issues don't create cross-customer risk because AWS doesn't rely on containers as a security boundary (a protective barrier between different users). AWS customers using containers to isolate their own internal workloads should contact their operating system vendor for updates.
Solution / Mitigation
AWS recommends applying all security patches and software version updates as a best practice. Customers using containers to isolate workloads within their own environments should contact their operating system vendor for any updates or instructions necessary to mitigate these issues.
Classification
Affected Vendors
Related Issues
Original source: https://aws.amazon.com/security/security-bulletins/rss/aws-2025-024/
First tracked: June 5, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 85%