CVE-2025-4953
Podman: build context bind mount
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Produtos afetados
podmanRed Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat OpenShift Container Platform 4Red Hat · Red Hat OpenShift Container Platform 4.12Red Hat · Red Hat OpenShift Container Platform 4.13Red Hat · Red Hat OpenShift Container Platform 4.14Red Hat · Red Hat OpenShift Container Platform 4.15Red Hat · Red Hat OpenShift Container Platform 4.16Red Hat · Red Hat OpenShift Container Platform 4.17Red Hat · Red Hat OpenShift Container Platform 4.18Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2024:8690https://access.redhat.com/errata/RHSA-2025:15904https://access.redhat.com/errata/RHSA-2025:16724https://access.redhat.com/errata/RHSA-2025:16729https://access.redhat.com/errata/RHSA-2025:17669https://access.redhat.com/errata/RHSA-2025:22265https://access.redhat.com/errata/RHSA-2025:22275https://access.redhat.com/errata/RHSA-2025:22695https://access.redhat.com/errata/RHSA-2025:22724https://access.redhat.com/errata/RHSA-2025:22732https://access.redhat.com/errata/RHSA-2025:23113https://access.redhat.com/errata/RHSA-2025:2703