#VU114987 Link following in Podman - CVE-2025-9566
Published: September 8, 2025
Podman
Container Projects
Description
The vulnerability allows a malicious container to perform a denial of service (DoS) attack.
The vulnerability exists due to an insecure link following issue in the podman kube play command. A malicious container can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file.
Note that a malicious container can write to arbitrary files on the host, but the attacker controls only the target path, not the contents that will be written to the file.
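A host-side audit for the precondition described above, a volume that already contains a symlink resolving outside itself, can be run before replaying a kube file against existing volumes. This is an added example, not Podman's code or its fix; the function names are hypothetical, the volume's host directory is supplied by the caller, and the demo directory tree is constructed.

```python
import os
import tempfile


def find_escaping_symlinks(volume_root):
    """Return sorted (link_path, resolved_target) pairs for every symlink
    under volume_root whose target resolves outside volume_root."""
    root = os.path.realpath(volume_root)
    findings = []
    # followlinks=False: symlinked directories are listed but never entered.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            # realpath resolves from the host's point of view, which is the
            # view a host-side writer has; dangling links resolve as well.
            target = os.path.realpath(path)
            if os.path.commonpath([root, target]) != root:
                findings.append((path, target))
    return sorted(findings)


def demo():
    """Constructed sample: a throwaway tree standing in for a volume
    directory and a host file outside it."""
    with tempfile.TemporaryDirectory() as base:
        base = os.path.realpath(base)
        volume = os.path.join(base, "volume")
        host_file = os.path.join(base, "host", "important.conf")
        os.makedirs(volume)
        os.makedirs(os.path.dirname(host_file))
        open(host_file, "w").close()
        open(os.path.join(volume, "real.txt"), "w").close()
        # Relative link that stays inside the volume: not reported.
        os.symlink("real.txt", os.path.join(volume, "inside"))
        # Absolute link to a file outside the volume: reported.
        os.symlink(host_file, os.path.join(volume, "key"))
        return [(os.path.relpath(p, volume), os.path.relpath(t, base))
                for p, t in find_escaping_symlinks(volume)]


if __name__ == "__main__":
    for link, target in demo():
        print(f"symlink {link!r} escapes the volume -> {target}")
```

Any reported entry means a write to that name inside the volume would land on the resolved host path, so the link should be removed or the volume recreated before it is mounted again.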