podman-5.4.0-13.el9_6

エラータID: AXSA:2025-10877:09

Release date: 
Friday, September 19, 2025 - 20:58
Subject: 
podman-5.4.0-13.el9_6
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

* podman: Podman kube play command may overwrite host files (CVE-2025-9566)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1

Solution: 

Update packages.

CVEs: 
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
Additional Info: 

N/A

Download: 

SRPMS
  1. podman-5.4.0-13.el9_6.src.rpm
    MD5: 3b4b629c39aeac8a695b076d24cf697b
    SHA-256: 65181a5de2ee9ddba25d9c1ced126e5532fa7f315f294156c04de75a23aca1b9
    Size: 26.28 MB

Asianux Server 9 for x86_64
  1. podman-5.4.0-13.el9_6.x86_64.rpm
    MD5: 53633a3f7b1dec1f221145d136a361c8
    SHA-256: dedc4106b1c0b0f180908387b1268b7854e49c36fdb5b5986aea0ab0cf7ea533
    Size: 17.05 MB
  2. podman-docker-5.4.0-13.el9_6.noarch.rpm
    MD5: 94c61f8d6de5cdac941d3d6d35080d9c
    SHA-256: dd4b560f26e9073c034fefe316462d90c431606d624645282d94bfb39c933a77
    Size: 106.61 kB
  3. podman-plugins-5.4.0-13.el9_6.x86_64.rpm
    MD5: 5c781ce7537d2695268c7ac03e030499
    SHA-256: 9f47010b1da0df51a578fc96259565616052bdbeaea638cff3f647b1b2985286
    Size: 1.42 MB
  4. podman-remote-5.4.0-13.el9_6.x86_64.rpm
    MD5: 2170bb55582ea7c89966352fe0402616
    SHA-256: 79382a6985c31a2197544e0989452df9fea5c5d7ca7ec0bb97c5dcafe4026dee
    Size: 11.16 MB
  5. podman-tests-5.4.0-13.el9_6.x86_64.rpm
    MD5: 6b15fba176fa854676bf6ed1f48541e7
    SHA-256: a100f889bb2b6209d096c65bdfe57dc74e4199ad444d53b90a1a5ead793ec85b
    Size: 12.36 MB