Description
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
References (30)
Scores
CVSS v3
8.1
EPSS
0.0005
EPSS Percentile
16.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (50)
containers/podman
0Go
containers/podman
0 - 5.6.1Go
Red Hat/Red Hat Enterprise Linux 10
6:5.4.0-13.el10_0
Red Hat/Red Hat Enterprise Linux 10
7:5.6.0-5.el10_1
Red Hat/Red Hat Enterprise Linux 8
8100020250911075811.afee755d
Red Hat/Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
8060020250919150821.3b538bd8
Red Hat/Red Hat Enterprise Linux 8.6 Telecommunications Update Service
8060020250919150821.3b538bd8
Red Hat/Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
8060020250919150821.3b538bd8
Red Hat/Red Hat Enterprise Linux 8.8 Telecommunications Update Service
8080020250919060528.0f77c1b7
Red Hat/Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
8080020250919060528.0f77c1b7
... and 40 more
Published
Sep 05, 2025
Tracked Since
Feb 18, 2026