Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:15904

Опубликовано: 29 нояб. 2025
Источник: rocky
Оценка: Important

Описание

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • podman: Podman kube play command may overwrite host files (CVE-2025-9566)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
aardvark-dnsx86_642.module+el8.10.0+2001+6a33db9faardvark-dns-1.10.1-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
buildahx86_642.module+el8.10.0+2001+6a33db9fbuildah-1.33.12-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
buildah-testsx86_642.module+el8.10.0+2001+6a33db9fbuildah-tests-1.33.12-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
cockpit-podmannoarch1.module+el8.10.0+2001+6a33db9fcockpit-podman-84.1-1.module+el8.10.0+2001+6a33db9f.noarch.rpm
cockpit-podmannoarch1.module+el8.10.0+2001+6a33db9fcockpit-podman-84.1-1.module+el8.10.0+2001+6a33db9f.noarch.rpm
conmonx86_641.module+el8.10.0+2001+6a33db9fconmon-2.1.10-1.module+el8.10.0+2001+6a33db9f.x86_64.rpm
containernetworking-pluginsx86_646.module+el8.10.0+2001+6a33db9fcontainernetworking-plugins-1.4.0-6.module+el8.10.0+2001+6a33db9f.x86_64.rpm
containers-commonx86_6482.module+el8.10.0+2001+6a33db9fcontainers-common-1-82.module+el8.10.0+2001+6a33db9f.x86_64.rpm
container-selinuxnoarch2.module+el8.10.0+2001+6a33db9fcontainer-selinux-2.229.0-2.module+el8.10.0+2001+6a33db9f.noarch.rpm
container-selinuxnoarch2.module+el8.10.0+2001+6a33db9fcontainer-selinux-2.229.0-2.module+el8.10.0+2001+6a33db9f.noarch.rpm

Показывать по

Связанные CVE

CVE-2025-4953
CVE-2025-9566

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2025-4953

CVSS3: 7.4
ubuntu
3 месяца назад

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

redhat логотип

CVE-2025-4953

CVSS3: 7.4
redhat
3 месяца назад

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

nvd логотип

CVE-2025-4953

CVSS3: 7.4
nvd
3 месяца назад

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

msrc логотип

CVE-2025-4953

msrc
17 дней назад

Podman: build context bind mount

debian логотип

CVE-2025-4953

CVSS3: 7.4
debian
3 месяца назад

A flaw was found in Podman. In a Containerfile or Podman, data written ...