← back
CVE-2025-9566

Podman: podman kube play command may overwrite host files

CVSS 8.1 HIGHEPSS 1.0%CWE-22
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
05 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Affected products
podmanRed Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat Hardened ImagesRed Hat · Red Hat OpenShift Container Platform 4Red Hat · Red Hat OpenShift Container Platform 4.12Red Hat · Red Hat OpenShift Container Platform 4.13Red Hat · Red Hat OpenShift Container Platform 4.14Red Hat · Red Hat OpenShift Container Platform 4.15Red Hat · Red Hat OpenShift Container Platform 4.16Red Hat · Red Hat OpenShift Container Platform 4.17Red Hat · Red Hat OpenShift Container Platform 4.18Red Hat · Red Hat OpenShift Container Platform 4.19Red Hat · Red Hat OpenShift Container Platform 4.20Red Hat · Red Hat OpenShift Dev Spaces (RHOSDS) 3.24

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHBA-2025:15692https://access.redhat.com/errata/RHBA-2025:15712https://access.redhat.com/errata/RHBA-2025:16158https://access.redhat.com/errata/RHBA-2025:16163https://access.redhat.com/errata/RHEA-2025:4782https://access.redhat.com/errata/RHSA-2025:15900https://access.redhat.com/errata/RHSA-2025:15901https://access.redhat.com/errata/RHSA-2025:15904https://access.redhat.com/errata/RHSA-2025:16480https://access.redhat.com/errata/RHSA-2025:16481https://access.redhat.com/errata/RHSA-2025:16482https://access.redhat.com/errata/RHSA-2025:16488