Cyber Resilience

CVE-2025-8283

Severity: Low

Published: 28 July 2025
Modified: 19 May 2026
CVSS Score v3.1: 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
EPSS Score: 0.0032 (55.6th percentile)
Risk Priority: 8 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-8283 is a low-severity External Control of System or Configuration Setting (CWE-15) vulnerability in Red Hat Enterprise Linux. Its CVSS base score is 3.7 (Low).

Operationally, it ranks in the top 44.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

Vulnerability details

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Because the dns.podman search domain was removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When a container is created with a given name, that name is used as the hostname of the container itself. Because Podman's search domain is no longer added, the container uses the host's resolv.conf, and the DNS resolver tries the search domains listed in it. If one of those domains contains a name matching the hostname of the running container, the connection is forwarded to unexpected external servers.
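The search-list behaviour described above, as an added example (not code from the advisory or from the netavark project): this Python script models glibc-style stub-resolver search expansion and lists, per container name, the lookups that leave the dns.podman domain. The sample resolv.conf, the container names and the function names are assumptions made for illustration.

```python
# Added example: models stub-resolver search-list expansion; not netavark code.
SAMPLE_RESOLV_CONF = """\
# constructed sample of a host /etc/resolv.conf
search corp.example lab.example
nameserver 192.0.2.53
options ndots:1
"""

def parse_resolv_conf(text):
    """Return (search_domains, ndots) from resolv.conf text."""
    search, ndots = [], 1  # resolver default is ndots:1
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if fields[0] in ("search", "domain"):
            search = fields[1:]  # the last such line wins
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidate_names(name, search, ndots):
    """Ordered FQDNs a stub resolver tries for `name`."""
    if name.endswith("."):
        return [name]  # absolute name: the search list is not applied
    expanded = [f"{name}.{d.rstrip('.')}." for d in search]
    as_is = [name + "."]
    # Fewer dots than ndots: search domains are tried before the bare name.
    return expanded + as_is if name.count(".") < ndots else as_is + expanded

def audit(container_names, resolv_text, internal="dns.podman"):
    """Map each container name to the lookups that leave `internal`."""
    search, ndots = parse_resolv_conf(resolv_text)
    report = {}
    for name in container_names:
        bare = name.rstrip(".") + "."
        leaks = [c for c in candidate_names(name, search, ndots)
                 if c != bare and not c.endswith(f".{internal}.")]
        if leaks:
            report[name] = leaks
    return report

if __name__ == "__main__":
    # Container names below are hypothetical.
    for name, leaks in audit(["db", "web"], SAMPLE_RESOLV_CONF).items():
        print(f"{name}: also queried as {', '.join(leaks)}")
```

Each reported name is a lookup sent toward the host's search domains; a matching A/AAAA record in one of those zones is the condition the description refers to.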

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: redhat; Product: openshift container platform; Versions: 4.0
Vendor: redhat; Product: enterprise linux; Versions: 10.0, 8.0, 9.0

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-15

The policy and procedures establish internal controls and change management for system configuration settings, reducing the feasibility of external unauthorized modifications.

addresses: CWE-15

Baseline configuration under change control directly prevents unauthorized external modification of system or configuration settings.

addresses: CWE-15

Requires approval, documentation, and security impact review of all configuration changes, directly preventing unauthorized external control of system settings.

addresses: CWE-15

Impact analysis of configuration changes reduces the risk of deploying settings that permit unauthorized external control.

addresses: CWE-15

Restricting changes to system and configuration settings prevents external entities from controlling those settings without approval.

addresses: CWE-15

Establishing, implementing, approving deviations from, and monitoring configuration settings directly prevents external or unauthorized control of system settings.

addresses: CWE-15

The plan defines processes for identifying and managing configuration items, preventing external unauthorized control of system settings.

addresses: CWE-15

Vulnerability scanners directly detect externally controllable or misconfigured settings using standardized checklists.
