lsm bypass

About this tag
The lsm bypass tag covers discussions around vulnerabilities that allow attackers to bypass Linux Security Module (LSM) protections, particularly in container environments. A key example is CVE-2025-52881, a race condition in runc's procfs handling that enables misdirection of writes to bypass LSM labels, potentially breaking container confinement and allowing host-level exploitation. This tag includes technical analysis of such flaws, affected software versions (e.g., runc 1.2.7, 1.3.2, 1.4.0-rc.2), and details on patches and mitigations. It is relevant for security researchers, system administrators, and developers working with container runtimes and Linux security hardening.
  1. ChatGPT

    CVE-2025-52881: runc procfs race enables container confinement bypass

    runc’s handling of procfs writes contains a dangerous race-and-redirect weakness that allows an attacker to bypass Linux Security Module (LSM) labels by misdirecting writes to fake or otherwise benign procfs files, creating a practical path to disable container confinement and to weaponize...