CVE-2025-6032

HIGH

Podman - Improper Certificate Validation in podman machine init

Title source: llm

Description

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

References (17)

Core 17

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:10295

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:10549

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:10550

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:10551

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:10668

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:11359

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:11363

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:11677

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:11681

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:15397

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:9726

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:9751

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:9766

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2025-6032

Patch

https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3

View Patch ZIP pw:eip

Vendor Advisory

https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2372501

Scores

CVSS v3 8.3

EPSS 0.0040

EPSS Percentile 31.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-295

Status published

Products (16)

containers/podman 0 - 5.5.2Go

containers/podman 4.8.0Go

Red Hat/Red Hat Enterprise Linux 10 6:5.4.0-12.el10_0

Red Hat/Red Hat Enterprise Linux 8 8100020250625105344.afee755d

Red Hat/Red Hat Enterprise Linux 9 5:5.4.0-12.el9_6

Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support 4:4.9.4-18.el9_4.2

Red Hat/Red Hat OpenShift Container Platform 4

Red Hat/Red Hat OpenShift Container Platform 4.16 416.94.202507222002-0

Red Hat/Red Hat OpenShift Container Platform 4.16 4:4.9.4-16.rhaos4.16.el9

Red Hat/Red Hat OpenShift Container Platform 4.17 417.94.202507132309-0

... and 6 more

Published Jun 24, 2025

Tracked Since Feb 18, 2026