Medium severity6.8NVD Advisory· Published Mar 27, 2023· Updated Jun 17, 2026
CVE-2023-0778
CVE-2023-0778
Description
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containers/podman/v4Go | < 4.4.2 | 4.4.2 |
Affected products
49- ghsa-coords48 versionspkg:golang/github.com/containers/podman/v4pkg:rpm/almalinux/aardvark-dnspkg:rpm/almalinux/buildahpkg:rpm/almalinux/buildah-testspkg:rpm/almalinux/cockpit-podmanpkg:rpm/almalinux/conmonpkg:rpm/almalinux/containernetworking-pluginspkg:rpm/almalinux/containers-commonpkg:rpm/almalinux/container-selinuxpkg:rpm/almalinux/critpkg:rpm/almalinux/criupkg:rpm/almalinux/criu-develpkg:rpm/almalinux/criu-libspkg:rpm/almalinux/crunpkg:rpm/almalinux/fuse-overlayfspkg:rpm/almalinux/libslirppkg:rpm/almalinux/libslirp-develpkg:rpm/almalinux/netavarkpkg:rpm/almalinux/oci-seccomp-bpf-hookpkg:rpm/almalinux/podmanpkg:rpm/almalinux/podman-catatonitpkg:rpm/almalinux/podman-dockerpkg:rpm/almalinux/podman-gvproxypkg:rpm/almalinux/podman-pluginspkg:rpm/almalinux/podman-remotepkg:rpm/almalinux/podman-testspkg:rpm/almalinux/python3-criupkg:rpm/almalinux/python3-podmanpkg:rpm/almalinux/runcpkg:rpm/almalinux/skopeopkg:rpm/almalinux/skopeo-testspkg:rpm/almalinux/slirp4netnspkg:rpm/almalinux/toolboxpkg:rpm/almalinux/toolbox-testspkg:rpm/almalinux/udicapkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/podman&distro=openSUSE%20Tumbleweedpkg:rpm/suse/podman&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 4.4.2+ 47 more
- (no CPE)range: < 4.4.2
- (no CPE)range: < 2:1.5.0-2.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1:1.29.1-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1:1.29.1-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 63.1-1.module_el8.8.0+3557+7ba9cc13
- (no CPE)range: < 3:2.1.6-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1:1.2.0-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 2:1-63.module_el8.8.0+3568+e8578284
- (no CPE)range: < 2:2.205.0-2.module_el8.8.0+3557+7ba9cc13
- (no CPE)range: < 3.15-3.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 3.15-3.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 3.15-3.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 3.15-3.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 1.8.1-2.module_el8.8.0+3568+e8578284
- (no CPE)range: < 1.10-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 4.4.0-1.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 4.4.0-1.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 2:1.5.0-4.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1.2.8-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3:4.4.1-8.module_el8.8.0+3568+e8578284
- (no CPE)range: < 3.15-3.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 4.4.1-1.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1:1.1.4-1.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 2:1.11.2-0.2.module_el8.8.0+3470+252b1910
- (no CPE)range: < 2:1.11.2-0.2.module_el8.8.0+3470+252b1910
- (no CPE)range: < 1.2.0-2.module_el8.7.0+3407+95aa0ca9
- (no CPE)range: < 0.0.99.3-7.module_el8.8.0+3470+252b1910
- (no CPE)range: < 0.0.99.3-7.module_el8.8.0+3470+252b1910
- (no CPE)range: < 0.2.6-20.module_el8.8.0+3470+252b1910
- (no CPE)range: < 4.4.4-150400.4.16.1
- (no CPE)range: < 4.4.4-150400.4.16.1
- (no CPE)range: < 4.4.2-1.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150400.4.16.1
- (no CPE)range: < 4.4.4-150400.4.16.1
- (no CPE)range: < 4.4.4-150400.4.16.1
- (no CPE)range: < 4.4.4-150300.9.20.1
- (no CPE)range: < 4.4.4-150300.9.20.1
Patches
Vulnerability mechanics
References
8- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-qwqv-rqgf-8qh8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-0778ghsaADVISORY
- access.redhat.com/security/cve/CVE-2023-0778ghsaWEB
- github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8ghsaWEB
- github.com/containers/podman/pull/17528ghsaWEB
- github.com/containers/podman/pull/17532ghsaWEB
- pkg.go.dev/vuln/GO-2023-1681ghsaWEB
News mentions
0No linked articles in our index yet.