Fedora 42: FEDORA-2025-8a7d23116e critical: podman-tui DoS Risk
fedora
April 15, 2025
release 1.5.0
Summary
podman-tui is a terminal user interface for Podman v4 and v5.
podman-tui is using podman.socket service to communicate with podman environment
and SSH to connect to remote podman machines.
Update Information:
release 1.5.0
Topics Covered
Change Log
* Sun Apr 6 2025 Navid Yaghoobi
References
[ 1 ] Bug #2350799 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2350799
[ 2 ] Bug #2350842 - CVE-2025-22869 podman-tui: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2350842
[ 3 ] Bug #2352104 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2352104
[ 4 ] Bug #2352324 - CVE-2025-22870 podman-tui: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2352324
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8a7d23116e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: podman-tui
Product: Fedora 42
Version: 1.5.0
Release: 1.fc42
Summary: Podman Terminal User Interface
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!