podman: fix CVE-2025-9566 - linux/meta-virtualization.git - Mirror of git.yoctoproject.org/meta-virtualization

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-10-13 17:17:25 +0530
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2025-10-13 22:01:08 -0400
commit	38008d99d5bedc7d9769b9e95e3d6019a2df1698 (patch)
tree	4108fde201b18d05d8adcb4cfb6ee475637b1d22 /scripts/lib
parent	898239e810acbb7db93299f20deec8afe434f11b (diff)
download	meta-virtualization-walnascar.tar.gz

podman: fix CVE-2025-9566walnascar

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. [EOL][EOL]Binary-Affected: podman[EOL]Upstream-version-introduced: v4.0.0[EOL]Upstream-version-fixed: v5.6.1 Reference: https://security-tracker.debian.org/tracker/CVE-2025-9566 Upstream-patch: https://github.com/containers/podman/commit/ca994186f07822b9048fe711b6903e51614d3e15 Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

Diffstat (limited to 'scripts/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: