Description

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.

INFO

Published Date :

2025-07-28T18:16:07.853Z

Last Modified :

2025-07-28T18:29:12.662Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-8283 vulnerability.

Vendors Products
Redhat
  • Enterprise Linux
  • Openshift
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-8283.

URL Resource
https://access.redhat.com/security/cve/CVE-2025-8283 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2383941 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-8283 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-8283 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact