Troubleshooting
Problem
The
/etc/passwd file has RW group privileges and is vulnerable to a proven root escalation.CVE Details
CVEID: CVE-2025-12985
Description: IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image.
CWE: CWE-732: Incorrect Permission Assignment for Critical Resource
CVSS Source: IBM
CVSS Base Score: 8.4
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Severity: High
Acknowledgment
IBM would like to thank Antony Di Scala and Mike Whale for reporting this issue.
Resolving The Problem
The fix is provided in License Service version 4.2.18.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB66","label":"Technology Lifecycle Services"},"Business Unit":{"code":"","label":""},"Product":{"code":"SSX75R7","label":"IBM License Service"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":""}]
Was this topic helpful?
Document Information
Modified date:
03 February 2026
UID
ibm17243285