Name of the Vulnerable Software and Affected Versions:

netavark (affected versions not specified)

Description:

A vulnerability exists in the netavark package, a network stack for containers used with Podman. Due to the removal of the dns.podman search domain, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name is used as the hostname for the container. Because the Podman search domain is no longer added, the container uses the host's resolv.conf, and the DNS resolver searches the domains contained within it. If one of these domains contains a name matching the running container's hostname, the connection may be forwarded to unexpected external servers.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.