Описание
Security update for podman
This update for podman fixes the following issues:
- CVE-2025-9566: fixed an issue where kube play command could cause host files to get overwritten (bsc#1249154)
Список пакетов
SUSE Enterprise Storage 7.1
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise Micro 5.1
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise Micro 5.2
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise Server 15 SP3-LTSS
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
podman-4.9.5-150300.9.55.1
podman-remote-4.9.5-150300.9.55.1
Ссылки
- Link for SUSE-SU-2025:03534-1
- E-Mail link for SUSE-SU-2025:03534-1
- SUSE Security Ratings
- SUSE Bug 1249154
- SUSE CVE CVE-2025-9566 page
Описание
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
Затронутые продукты
SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.55.1
SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.55.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.55.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.55.1
Ссылки
- CVE-2025-9566
- SUSE Bug 1249154