{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"low"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-8283","title":"Title"},{"category":"description","text":"A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-8283","url":"https://www.suse.com/security/cve/CVE-2025-8283"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1247319 for CVE-2025-8283","url":"https://bugzilla.suse.com/1247319"}],"title":"SUSE CVE CVE-2025-8283","tracking":{"current_release_date":"2025-07-29T23:27:08Z","generator":{"date":"2025-07-29T23:27:08Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-8283","initial_release_date":"2025-07-29T23:27:08Z","revision_history":[{"date":"2025-07-29T23:27:08Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP6","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP6","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.1","product":{"name":"SUSE Linux Enterprise Micro 5.1","product_id":"SUSE Linux Enterprise Micro 5.1","product_identification_helper":{"cpe":"cpe:/o:suse:suse-microos:5.1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.2","product":{"name":"SUSE Linux Enterprise Micro 5.2","product_id":"SUSE Linux Enterprise Micro 5.2","product_identification_helper":{"cpe":"cpe:/o:suse:suse-microos:5.2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.3","product":{"name":"SUSE Linux Enterprise Micro 5.3","product_id":"SUSE Linux Enterprise Micro 5.3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-micro:5.3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.4","product":{"name":"SUSE Linux Enterprise Micro 5.4","product_id":"SUSE Linux Enterprise Micro 5.4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-micro:5.4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Micro 5.5","product":{"name":"SUSE Linux Enterprise Micro 5.5","product_id":"SUSE Linux Enterprise Micro 5.5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-micro:5.5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Containers 15 SP6","product":{"name":"SUSE Linux Enterprise Module for Containers 15 SP6","product_id":"SUSE Linux Enterprise Module for Containers 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-containers:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Containers 15 SP7","product":{"name":"SUSE Linux Enterprise Module for Containers 15 SP7","product_id":"SUSE Linux Enterprise Module for Containers 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-containers:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP6","product":{"name":"SUSE Linux Enterprise Server 15 SP6","product_id":"SUSE Linux Enterprise Server 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP7","product":{"name":"SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 15 SP4","product":{"name":"SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP3","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Micro 6.0","product":{"name":"SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0","product_identification_helper":{"cpe":"cpe:/o:suse:sl-micro:6.0"}}},{"category":"product_name","name":"SUSE Linux Micro 6.1","product":{"name":"SUSE Linux Micro 6.1","product_id":"SUSE Linux Micro 6.1","product_identification_helper":{"cpe":"cpe:/o:suse:sl-micro:6.1"}}},{"category":"product_name","name":"openSUSE Leap 15.6","product":{"name":"openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.6"}}},{"category":"product_version","name":"netavark","product":{"name":"netavark","product_id":"netavark","product_identification_helper":{"purl":"pkg:rpm/suse/netavark@?upstream=netavark.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Micro 5.1","product_id":"SUSE Linux Enterprise Micro 5.1:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.1"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Micro 5.2","product_id":"SUSE Linux Enterprise Micro 5.2:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Micro 5.3","product_id":"SUSE Linux Enterprise Micro 5.3:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.3"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Micro 5.4","product_id":"SUSE Linux Enterprise Micro 5.4:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.4"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Micro 5.5","product_id":"SUSE Linux Enterprise Micro 5.5:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Micro 5.5"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server 15 SP6","product_id":"SUSE Linux Enterprise Server 15 SP6:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP6","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP6:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Module for Containers 15 SP6","product_id":"SUSE Linux Enterprise Module for Containers 15 SP6:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Module for Containers 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Module for Containers 15 SP7","product_id":"SUSE Linux Enterprise Module for Containers 15 SP7:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Module for Containers 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP3:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP3"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Micro 6.0"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of SUSE Linux Micro 6.1","product_id":"SUSE Linux Micro 6.1:netavark"},"product_reference":"netavark","relates_to_product_reference":"SUSE Linux Micro 6.1"},{"category":"default_component_of","full_product_name":{"name":"netavark as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:netavark"},"product_reference":"netavark","relates_to_product_reference":"openSUSE Leap 15.6"}]},"vulnerabilities":[{"cve":"CVE-2025-8283","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-8283"}],"notes":[{"category":"general","text":"A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:netavark","SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netavark","SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netavark","SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netavark","SUSE Linux Enterprise High Performance Computing 15 SP6:netavark","SUSE Linux Enterprise High Performance Computing 15 SP7:netavark","SUSE Linux Enterprise Micro 5.1:netavark","SUSE Linux Enterprise Micro 5.2:netavark","SUSE Linux Enterprise Micro 5.3:netavark","SUSE Linux Enterprise Micro 5.4:netavark","SUSE Linux Enterprise Micro 5.5:netavark","SUSE Linux Enterprise Module for Containers 15 SP6:netavark","SUSE Linux Enterprise Module for Containers 15 SP7:netavark","SUSE Linux Enterprise Server 15 SP3-LTSS:netavark","SUSE Linux Enterprise Server 15 SP4-LTSS:netavark","SUSE Linux Enterprise Server 15 SP5-LTSS:netavark","SUSE Linux Enterprise Server 15 SP6:netavark","SUSE Linux Enterprise Server 15 SP7:netavark","SUSE Linux Enterprise Server Teradata 15 SP4:netavark","SUSE Linux Enterprise Server for SAP Applications 15 SP3:netavark","SUSE Linux Enterprise Server for SAP Applications 15 SP4:netavark","SUSE Linux Enterprise Server for SAP Applications 15 SP5:netavark","SUSE Linux Enterprise Server for SAP Applications 15 SP6:netavark","SUSE Linux Enterprise Server for SAP Applications 15 SP7:netavark","SUSE Linux Micro 6.0:netavark","SUSE Linux Micro 6.1:netavark","openSUSE Leap 15.6:netavark"]},"references":[{"category":"external","summary":"CVE-2025-8283","url":"https://www.suse.com/security/cve/CVE-2025-8283"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1247319 for CVE-2025-8283","url":"https://bugzilla.suse.com/1247319"}],"threats":[{"category":"impact","date":"2025-07-28T20:00:29Z","details":"low"}],"title":"CVE-2025-8283"}]}