CVE-2025-8283 - External Control of System or Configuration Setting in Red Hat OpenShift Container Platform

Severity
3.7 LOW (NVD)
EPSS
0.1%
top 79.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jul 28

Description

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Because the dns.podman search domain was removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When a container is created with a given name, that name is used as the hostname for the container itself. Because Podman's search domain is no longer added, the container uses the host's resolv.conf, and the DNS resolver will try to look into the search domain…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.2 | Impact: 1.4

Affected Packages: 0 packages

Also affects: OpenShift Container Platform 4.0, Enterprise Linux 10.0, 8.0, 9.0

Vulnerability Details (4)

GHSA: Netavark Has Possible DNS Resolve Confusion (2025-07-28)
CVEList: Netavark: podman: netavark may resolve hostnames to unexpected hosts (2025-07-28)
OSV: Netavark Has Possible DNS Resolve Confusion (2025-07-28)
OSV: CVE-2025-8283: A vulnerability was found in the netavark package, a network stack for containers used with Podman (2025-07-28)

Vendor Advisories (2)

Red Hat: netavark: podman: netavark may resolve hostnames to unexpected hosts (2025-07-28)
Debian: CVE-2025-8283: netavark - A vulnerability was found in the netavark package, a network stack for container... (2025)