Vulnerability Description
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized service execution, and potential system compromise.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://access.redhat.com/security/cve/CVE-2025-2515
- https://bugzilla.redhat.com/show_bug.cgi?id=2353313
- https://github.com/eclipse-bluechi/bluechi/commit/fe0d28301ce2bd45f0b1d8a98a94ef
- https://github.com/eclipse-bluechi/bluechi/issues/1069
- https://github.com/eclipse-bluechi/bluechi/pull/1073
FAQ
What is CVE-2025-2515?
CVE-2025-2515 is a vulnerability with a CVSS score of 7.2 (HIGH). A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service ...
How severe is CVE-2025-2515?
CVE-2025-2515 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-2515?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.