Untriaged
Permalink
CVE-2025-6032
8.3 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Podman: podman missing tls verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.
References
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:15397 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- RHSA-2025:9766 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-6032 x_refsource_REDHAT vdb-entry
- RHBZ#2372501 issue-tracking x_refsource_REDHAT
- https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f…
- https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h
- RHSA-2025:10295 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10549 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10550 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10551 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10668 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11363 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11677 x_refsource_REDHAT vendor-advisory
- RHSA-2025:11681 x_refsource_REDHAT vendor-advisory
- RHSA-2025:15397 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9726 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9751 x_refsource_REDHAT vendor-advisory
Affected products
rhcos
- *
podman
- <5.5.2
- *
container-tools:rhel8
- *
container-tools:rhel8/podman
Matching in nixpkgs
pkgs.podman
Program for managing pods, containers and container images
-
nixos-unstable -
- nixpkgs-unstable 5.6.1
pkgs.podman-tui
Podman Terminal UI
-
nixos-unstable -
- nixpkgs-unstable 1.8.0
pkgs.podman-bootc
Streamlining podman+bootc interactions
-
nixos-unstable -
- nixpkgs-unstable 0.1.2
pkgs.podman-compose
Implementation of docker-compose with podman backend
-
nixos-unstable -
- nixpkgs-unstable 1.5.0
pkgs.podman-desktop
Graphical tool for developing on containers and Kubernetes
-
nixos-unstable -
- nixpkgs-unstable 1.21.0
pkgs.nomad-driver-podman
Podman task driver for Nomad
-
nixos-unstable -
- nixpkgs-unstable 0.6.3
pkgs.python312Packages.podman
Python bindings for Podman's RESTful API
-
nixos-unstable -
- nixpkgs-unstable 5.6.0
pkgs.python313Packages.podman
Python bindings for Podman's RESTful API
-
nixos-unstable -
- nixpkgs-unstable 5.6.0
Package maintainers
-
@cpcloud Phillip Cloud
-
@saschagrunert Sascha Grunert <mail@saschagrunert.de>
-
@vdemeester Vincent Demeester <vincent@sbr.pm>
-
@evan-goode Evan Goode <mail@evangoo.de>
-
@sikmir Nikolay Korotkiy <sikmir@disroot.org>
-
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>
-
@aaronjheng Aaron Jheng <wentworth@outlook.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>