UBUNTU-CVE-2025-4953

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-4953
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-4953.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-4953
Upstream
Published
2025-09-16T15:15:00Z
Modified
2025-09-25T05:13:26Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

References

Affected packages

Ubuntu:22.04:LTS / libpod

Package

Name
libpod
Purl
pkg:deb/ubuntu/libpod@3.4.4+ds1-1ubuntu1.22.04.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2.1+ds1-2ubuntu3
3.4.4+ds1-1ubuntu1
3.4.4+ds1-1ubuntu1.22.04.1
3.4.4+ds1-1ubuntu1.22.04.2
3.4.4+ds1-1ubuntu1.22.04.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "podman",
            "binary_version": "3.4.4+ds1-1ubuntu1.22.04.3"
        },
        {
            "binary_name": "podman-docker",
            "binary_version": "3.4.4+ds1-1ubuntu1.22.04.3"
        }
    ]
}

Ubuntu:24.04:LTS / libpod

Package

Name
libpod
Purl
pkg:deb/ubuntu/libpod@4.9.3+ds1-1ubuntu0.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.3.1+ds1-8
4.7.2+ds1-2
4.7.2+ds1-2build1
4.8.3+ds1-2
4.9.0+ds1-2
4.9.3+ds1-1
4.9.3+ds1-1build1
4.9.3+ds1-1build2
4.9.3+ds1-1ubuntu0.1
4.9.3+ds1-1ubuntu0.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "podman",
            "binary_version": "4.9.3+ds1-1ubuntu0.2"
        },
        {
            "binary_name": "podman-docker",
            "binary_version": "4.9.3+ds1-1ubuntu0.2"
        },
        {
            "binary_name": "podman-remote",
            "binary_version": "4.9.3+ds1-1ubuntu0.2"
        }
    ]
}

Ubuntu:25.04 / podman

Package

Name
podman
Purl
pkg:deb/ubuntu/podman@5.4.1+ds1-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.1+ds1-7
5.3.2+ds1-1
5.4.0+ds1-1
5.4.1+ds1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "podman",
            "binary_version": "5.4.1+ds1-1"
        },
        {
            "binary_name": "podman-docker",
            "binary_version": "5.4.1+ds1-1"
        },
        {
            "binary_name": "podman-remote",
            "binary_version": "5.4.1+ds1-1"
        }
    ]
}