{"id":"GO-2025-3543","summary":"WITHDRAWN: Libcontainer is affected by capabilities elevation in github.com/opencontainers/runc","details":"(This report has been withdrawn with reason: \"Does not affect Go code.\"). https://nvd.nist.gov/vuln/detail/CVE-2025-27612 lists https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66 which caused automation to flag as Go; the affected repo is https://github.com/youki-dev/youki (Rust).","aliases":["CVE-2025-27612"],"modified":"2025-03-26T20:15:20Z","published":"2025-03-25T19:38:11Z","withdrawn":"2025-03-26T18:45:50Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2025-3543","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27612"},{"type":"FIX","url":"https://github.com/youki-dev/youki/commit/747e342d2026fbf3a395db3e2a491ebef00082f1"},{"type":"WEB","url":"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"},{"type":"WEB","url":"https://github.com/youki-dev/youki/blob/9e63fa4da1672a78ca45100f3059a732784a5174/crates/libcontainer/src/container/tenant_builder.rs#L408"},{"type":"WEB","url":"https://github.com/youki-dev/youki/security/advisories/GHSA-5w4j-f78p-4wh9"}],"affected":[{"package":{"name":"github.com/opencontainers/runc","ecosystem":"Go","purl":"pkg:golang/github.com/opencontainers/runc"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"custom_ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.3"}]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3543.json"}}],"schema_version":"1.7.3"}