[MEDIUM] Security Advisory: netavark has incorrect error handling for malformed tcp packets (netavark)

Aardvark-dns, the DNS server in Podman’s networking stack, crashes into an infinite error loop consuming 100% CPU when hit with a truncated TCP DNS query followed by a connection reset. Attackers can trigger this remotely with basic packet crafting tools, turning it into a denial-of-service vector against Podman hosts.

This flaw stems from netavark’s poor error handling for malformed TCP packets, as flagged in a recent security advisory. Podman users on Fedora, RHEL, and other distros relying on container-native networking face exposure. The patch landed in aardvark-dns commit 3b49ea7, credited to @dkane01. No workarounds exist, so update immediately if you’re running affected versions.

Breaking Down the Components

Podman, Red Hat’s daemonless container engine, uses netavark as its CNI-compatible network backend since version 4.0. Netavark handles virtual networks, IP allocation, and traffic routing for containers. Aardvark-dns pairs with it to resolve container names to IPs over TCP/UDP port 53, enabling seamless service discovery without external DNS servers.

These tools replaced the older slirp4netns and dnsmasq setup, aiming for better performance and security. But this incident exposes a classic software weakness: inadequate bounds checking in network code. Aardvark-dns expects well-formed TCP DNS messages. When fed a short payload—say, fewer bytes than a valid query header—followed by a RST flag, its parsing loop spins endlessly logging errors.

Real-world context: Podman powers enterprise container deployments, with millions of installs across Linux distros. Fedora 38+ and RHEL 9 ship it by default. Exposed services like aardvark-dns listen on host interfaces, making them ripe for internet scans and exploits.

How the Attack Unfolds

Step one: Attacker crafts a TCP SYN to aardvark-dns’s port 53. Server responds with SYN-ACK. Attacker sends a minimal payload, truncated before the DNS query length field completes—perhaps just 1-2 bytes past the transaction ID.

Server attempts to read the full query length (up to 65535 bytes for TCP DNS). It times out or reads partial data, then the attacker blasts a RST packet. Aardvark-dns hits an error path that doesn’t clean up properly, entering a retry loop. CPU pegs at 100%, and the process becomes unresponsive. One such packet suffices; scripts can automate floods.

Tools like Scapy or hping3 make this trivial. Public PoCs likely emerge soon, given the advisory’s visibility on GitHub. CVEs aren’t assigned yet, but expect one—similar to past container net vulns like CVE-2023-28464 in runc.

Skepticism check: Is this catastrophic? Not zero-day ransomware, but effective DoS. Container hosts often run critical workloads; spiking a node’s CPU disrupts clusters. In multi-tenant setups, one noisy container can starve others. Podman’s rootless mode mitigates some risks, but rootful deploys amplify impact.

Implications and Why Update Now

This matters because container adoption surges—Gartner pegs 95% of new apps containerized by 2025. Podman gains traction as Docker’s lightweight alternative, especially post-Oracle’s Docker Desktop pricing fiasco. Weak spots in its networking layer undermine that momentum.

Broadly, it signals ongoing challenges in userspace networking stacks. Netavark/aardvark-dns ditched dnsmasq to avoid its bloat and vulns (dnsmasq had 20+ CVEs last decade). Yet, rewriting doesn’t erase bad input handling. Developers fixed it by clamping read sizes and improving RST detection—simple, but it took a report to surface.
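The fix described above, clamped reads plus treating a reset or truncated stream as a reason to drop the connection, comes down to how a server frames TCP DNS messages. The following is an added example written for this article, not aardvark-dns's own code: it reads the RFC 1035 two-byte length prefix, refuses lengths shorter than a DNS header, and on any read error returns once and lets the caller close the socket rather than retrying. The sample bytes (a valid query for "." followed by a frame cut off after the transaction ID, as in the scenario above) are constructed for the demonstration.

```rust
use std::io::{self, Cursor, ErrorKind, Read};

/// A DNS message is never shorter than its fixed 12-byte header (RFC 1035).
const DNS_HEADER_LEN: usize = 12;
/// Why a frame was rejected; the caller drops the connection instead of retrying.
#[derive(Debug, PartialEq)]
pub enum FrameError {
    Truncated,     // peer closed or reset before the declared bytes arrived
    TooShort(u16), // length prefix smaller than a DNS header
    Io(ErrorKind), // any other socket error
}

/// Read one TCP DNS frame: 2-byte big-endian length, then exactly that many bytes.
pub fn read_tcp_dns_frame<R: Read>(stream: &mut R) -> Result<Vec<u8>, FrameError> {
    let mut len_buf = [0u8; 2];
    stream.read_exact(&mut len_buf).map_err(classify)?;
    let len = u16::from_be_bytes(len_buf) as usize;
    if len < DNS_HEADER_LEN {
        return Err(FrameError::TooShort(len as u16));
    }
    let mut msg = vec![0u8; len]; // bounded at 65535 by the u16 prefix
    stream.read_exact(&mut msg).map_err(classify)?;
    Ok(msg)
}

fn classify(e: io::Error) -> FrameError {
    match e.kind() {
        ErrorKind::UnexpectedEof | ErrorKind::ConnectionReset => FrameError::Truncated,
        k => FrameError::Io(k),
    }
}

/// Serve one connection: count well-formed frames and stop at the first error.
pub fn serve_connection<R: Read>(stream: &mut R) -> (usize, Option<FrameError>) {
    let mut handled = 0;
    loop {
        match read_tcp_dns_frame(stream) {
            Ok(_msg) => handled += 1,            // hand _msg to the resolver here
            Err(e) => return (handled, Some(e)), // close the socket, no retry loop
        }
    }
}

/// Constructed sample: a valid 17-byte query for "." type A, then a frame whose
/// prefix promises 17 bytes but only the 2-byte transaction ID follows.
pub fn sample_stream() -> Cursor<Vec<u8>> {
    let mut b: Vec<u8> = vec![0x00, 0x11, 0xab, 0xcd, 0x01, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0, 0];
    b.extend_from_slice(&[0x00, 0x00, 0x01, 0x00, 0x01]); // root QNAME, QTYPE A, QCLASS IN
    b.extend_from_slice(&[0x00, 0x11, 0xab, 0xcd]); // truncated second query, then EOF/RST
    Cursor::new(b)
}
```

Run against the sample stream, `serve_connection` handles the first query and returns after the truncated one, which is the behaviour that stops the CPU spin described above.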

Scan your estate: Podman < 5.x likely vulnerable; check podman info for netavark/aardvark-dns versions. Update via dnf/yum:

$ sudo dnf update podman netavark aardvark-dns

Rebuild networks post-patch: podman network reload.

Forward risk: Attackers probe container ports routinely (Shodan shows 100k+ open Podman DNS). Combine this with other flaws, like recent Podman image pull vulns, and you get persistent DoS chains. Fair props to containers.org for quick patching; they average <30 days on fixes. But operators should firewall port 53 TCP/UDP externally and segment container nets from the wild internet.

Bottom line: Patch today. This isn’t hype—it’s a concrete reminder that even “secure” container tools leak under malformed traffic. Stay vigilant; container security evolves slower than deployment speed.

April 8, 2026 · 4 min · 12 views · Source: GitHub Security