OPENSUSE-SU-2026:20305-1
Vulnerability Summary
Timeline
Description
Security update for podman This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman (bsc#1248988) - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993) - CVE-2025-47913: Fixed golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542): - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed runc: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376): - CVE-2025-9566: Fixed that podman kube play command may overwrite host files (bsc#1249154):
Affected Systems
- opensuse•podman&distro=openSUSE Leap 16.0
< 5.4.2-160000.4.1
References (13)
- https://bugzilla.suse.com/1248988
- https://bugzilla.suse.com/1249154
- https://bugzilla.suse.com/1252376
- https://bugzilla.suse.com/1253542
- https://bugzilla.suse.com/1253993
- https://www.suse.com/security/cve/CVE-2025-22869
- https://www.suse.com/security/cve/CVE-2025-31133
- https://www.suse.com/security/cve/CVE-2025-47913
- https://www.suse.com/security/cve/CVE-2025-47914
- https://www.suse.com/security/cve/CVE-2025-52565
- https://www.suse.com/security/cve/CVE-2025-52881
- https://www.suse.com/security/cve/CVE-2025-6032
- https://www.suse.com/security/cve/CVE-2025-9566