INFSA-2025:10551: container-tools:rhel8 security update
Information about definition
Identificator: INFSA-2025:10551
Type: security
Release date: 2025-07-17 21:57:41 UTC
Information about package
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Vulnerabilities description
- CVE-2025-6032
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-6032
|
no information | 8.3 | no information |
Updated packages