Introduction
Overwrite any file on the host system by simply deploying a Kubernetes YAML with a malicious ConfigMap or Secret volume. This is the real-world risk posed by CVE-2025-9566 in Podman, which affects a wide range of containerized environments that rely on the kube play command for workload orchestration.
Podman is an open-source container engine developed by Red Hat. It is a core component in the Red Hat container ecosystem and is widely used as a secure, rootless alternative to Docker. Podman powers container workflows in Red Hat OpenShift and is adopted in enterprise Linux environments globally due to its security focus and compatibility with Kubernetes.
Technical Information
CVE-2025-9566 is a symlink traversal vulnerability in Podman's kube play command. The flaw is triggered when a Kubernetes YAML configuration is processed by podman kube play and includes a ConfigMap or Secret volume mount. If the volume contains a symbolic link (symlink) that points to a file path on the host system, Podman does not properly restrict file operations to the intended volume directory.
The exploitation scenario involves:
- An attacker crafts or modifies a ConfigMap or Secret volume so that it contains a symlink to a sensitive or critical host file (for example, /etc/passwd).
- The attacker ensures the volume is reused in multiple kube play operations, creating a race condition or opportunity to manipulate the symlink.
- When podman kube play processes the YAML, it follows the symlink and overwrites the target host file with content from the YAML-defined ConfigMap or Secret.
Key technical points:
- The attacker controls which host file is overwritten but cannot control the content (the content comes from the YAML configuration).
- This is a path traversal issue via symlink resolution, classified as CWE-22.
- No elevated privileges are required. Any user able to supply or modify the YAML and volume content can exploit the flaw.
- The vulnerability is present only when ConfigMap or Secret volumes are involved and contain symlinks to host files.
No public code snippets or PoC are available as of this writing.
Patch Information
To address the vulnerability identified as CVE-2025-9566, a security patch has been released for the affected software. This patch modifies the handling of symlinks within the podman kube play command to prevent unauthorized file overwrites on the host system.
The core of the fix involves updating the volume mount processing logic to detect and properly handle symlinks that could lead to path traversal attacks. By implementing stricter validation and sanitization of volume mount paths, the patch ensures that symlinks cannot be exploited to overwrite unintended files on the host.
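To make the "stricter validation" concrete, the following is an added defender-side example written for this page in Go (Podman's language); it is not Podman's own fix. It writes a file into a volume directory while rejecting path traversal, refusing a symlink at any component below the volume directory, and opening with O_NOFOLLOW so a link swapped in between check and write (the reuse/race case above) still fails. The function name, the constructed temp directory and the planted link are assumptions for illustration; O_NOFOLLOW semantics are assumed to be Linux.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

// WriteVolumeFile writes data to name inside volumeDir without following any
// symlink: it rejects "../" traversal, refuses a symlink at every path component
// below volumeDir, and opens with O_NOFOLLOW (Linux) so a link swapped in after
// the checks (the volume-reuse race in the advisory) still fails at open time.
func WriteVolumeFile(volumeDir, name string, data []byte) error {
	root, _ := filepath.Abs(volumeDir) // Abs only fails if the cwd is unreadable
	target := filepath.Join(root, name) // Join cleans, so "../x" lands above root
	if !strings.HasPrefix(target, root+string(os.PathSeparator)) {
		return fmt.Errorf("%q escapes volume %s", name, root)
	}
	rel, _ := filepath.Rel(root, target)
	cur := root
	for _, part := range strings.Split(rel, string(os.PathSeparator)) {
		cur = filepath.Join(cur, part)
		fi, err := os.Lstat(cur) // Lstat reports the link itself, dangling or not
		if err != nil {
			if os.IsNotExist(err) {
				break // nothing exists below this point; creating it follows no link
			}
			return err
		}
		if fi.Mode()&os.ModeSymlink != 0 {
			return fmt.Errorf("refusing to write through symlink %s", cur)
		}
	}
	f, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_TRUNC|syscall.O_NOFOLLOW, 0o600)
	if err != nil {
		return fmt.Errorf("open %s: %w", target, err) // ELOOP if target became a symlink
	}
	defer f.Close()
	_, err = f.Write(data)
	return err
}

func main() {
	vol, _ := os.MkdirTemp("", "vol") // constructed volume directory
	_ = os.Symlink("/tmp/host-file-example", filepath.Join(vol, "passwd")) // planted link
	// first call is refused and the link target is untouched; second returns <nil>
	fmt.Println(WriteVolumeFile(vol, "passwd", []byte("x")), WriteVolumeFile(vol, "app.conf", []byte("x")))
}
```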
Users are strongly encouraged to apply this patch promptly to mitigate the risk associated with this vulnerability. The patch is available through the official channels of the software vendor. For detailed instructions on applying the patch, please refer to the vendor's security advisory.
Patch sources:
Affected Systems and Versions
- Product: Podman
- Affected versions: 4.0.0 through 5.6.0
- Fixed in: 5.6.1 and later
- Vulnerable configurations: Systems using podman kube play with ConfigMap or Secret volume mounts containing symlinks to host file paths
Vendor Security History
Podman, maintained by Red Hat, has previously addressed container escape and filesystem isolation vulnerabilities. For example, Kubernetes CVE-2021-25741 involved similar symlink traversal issues in volume mounts. Red Hat typically responds quickly with coordinated patches and advisories across its products. Podman's rootless architecture and security focus have positioned it as a trusted container engine, but complex features like kube play have introduced subtle security challenges.