CVE-2025-9566

Published Sep 5, 2025

CVSS high 8.1
kube play

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-9566 is a vulnerability in Podman in which the `kube play` command can be exploited to overwrite host files. It occurs when the kube file contains a ConfigMap or Secret volume mount and the volume already holds a symbolic link to a host file. An attacker can create a malicious symlink on the volume during the first start. Subsequent starts follow this symlink, which allows writes to arbitrary files on the host. The attacker controls the target path but not the content written to the file, because the contents are defined in the YAML file by the end user.

Description
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.

Binary-Affected: podman
Upstream-version-introduced: v4.0.0
Upstream-version-fixed: v5.6.1
Source
secalert@redhat.com
NVD status
Awaiting Analysis
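
The description above turns on a symlink inside a ConfigMap or Secret volume that resolves to a path outside the volume. As an added example (not part of the advisory or of Podman's code), this Python script flags such symlinks in a volume data directory supplied by the caller and checks an upstream version string against the introduced and fixed versions listed above; the function names and sample files are constructed for illustration.

```python
import os
import re
import tempfile

AFFECTED_FROM = (4, 0, 0)  # Upstream-version-introduced (from the advisory)
FIXED_IN = (5, 6, 1)       # Upstream-version-fixed (from the advisory)


def is_affected(version_text):
    """True if an upstream Podman version string falls in [4.0.0, 5.6.1)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_text)
    if not m:
        raise ValueError(f"no x.y.z version in {version_text!r}")
    return AFFECTED_FROM <= tuple(map(int, m.groups())) < FIXED_IN


def escaping_symlinks(volume_dir):
    """List (relative link path, resolved target) for symlinks that leave volume_dir."""
    root = os.path.realpath(volume_dir)
    findings = []
    # followlinks=False: report links, never walk through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            target = os.path.realpath(path)  # resolved in the host's namespace
            if os.path.commonpath([root, target]) != root:
                findings.append((os.path.relpath(path, root), target))
    return sorted(findings)


def build_sample(base):
    """Constructed sample: a volume with one harmless and one escaping symlink."""
    volume = os.path.join(base, "volume")
    host_file = os.path.join(base, "host", "important.conf")
    os.makedirs(volume)
    os.makedirs(os.path.dirname(host_file))
    for p in (host_file, os.path.join(volume, "app.conf")):
        with open(p, "w") as fh:
            fh.write("sample\n")
    os.symlink("app.conf", os.path.join(volume, "alias.conf"))  # stays inside
    os.symlink(host_file, os.path.join(volume, "key"))          # leaves the volume
    return volume, os.path.realpath(host_file)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        vol, _ = build_sample(tmp)
        for link, target in escaping_symlinks(vol):
            print(f"{link} -> {target}")
    print("5.6.0 affected:", is_affected("podman version 5.6.0"))
```

Distribution packages may carry backported fixes, so the version check applies to upstream version numbers only.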

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.2
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-22

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

3

  1. CyberDudeBivash Global Vulnerability Report CVE-2025-9566 – Podman kube play Symlink Traversal Vulnerability https://t.co/TyT78l7zUf https://t.co/zqJfURrnM8

    @Iambivash007

    8 Sept 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. A high-severity flaw (CVE-2025-9566) in Podman allows malicious containers to overwrite host files via a symlink traversal attack. A patch is available in Podman v5.6.1. #Podman #ContainerSecurity #Vulnerability #Kubernetes #Cybersecurity https://t.co/bb4DsvfU46

    @the_yellow_fall

    8 Sept 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. The Podman project has published a security advisory (CVE-2025-9566). The issue is in the podman kube play command: when a ConfigMap or Secret is mounted and a symbolic link is abused, arbitrary files on the host are overwr…

    @yousukezan

    8 Sept 2025

    615 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🗣️ Podman Patches Symlink Traversal Vulnerability in kube play Command (CVE-2025-9566) https://t.co/HKEsGyIfwC

    @fridaysecurity

    8 Sept 2025

    155 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🟧 CVE-2025-9566, CVSS: 8.1 (High) Podman version 4.0.0 to 5.6.1. The vulnerability allows attackers to overwrite host files using the kube play command with symbolic links. Attackers can control the target file to be overwritten but not the content to be written into the ht

    @UjlakiMarci

    6 Sept 2025

    1815 Impressions

    7 Retweets

    34 Likes

    3 Bookmarks

    2 Replies

    0 Quotes

  6. CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume m… https://t.co/pVxtJv5Rba

    @CVEnew

    6 Sept 2025

    171 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE Alert: CVE-2025-9566 - Red Hat - Red Hat Enterprise Linux 10 - https://t.co/EGPsvZKf3Y #OSINT #ThreatIntel #CyberSecurity #cve-2025-9566 #red-hat #red-hat-enterprise-linux-10

    @RedPacketSec

    5 Sept 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-9566 - Podman: podman kube play command may overwrite host files https://t.co/AM1MgTeqzL https://t.co/2k7lsdmFjP #cybersecurity #infosec #hacking

    @cypmsecnews

    5 Sept 2025

    95 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes