SUSE-SU-2026:20641-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2026/suse-su-202620641-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20641-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2026:20641-1
Upstream
Related
Published
2026-03-03T16:04:58Z
Modified
2026-03-23T04:53:05.826535Z
Summary
Security update for podman
Details

This update for podman fixes the following issues:

Changes in podman:

  • Add symlink to catatonit in /usr/libexec/podman (bsc#1248988)

  • CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993)

  • CVE-2025-47913: Fixed golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542):

  • CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed runc: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376):

  • CVE-2025-9566: Fixed that podman kube play command may overwrite host files (bsc#1249154):
References

Affected packages

SUSE:Linux Micro 6.2 / podman

Package

Name
podman
Purl
pkg:rpm/suse/podman&distro=SUSE%20Linux%20Micro%206.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.2-160000.4.1

Ecosystem specific 

{
    "binaries": [
        {
            "podmansh": "5.4.2-160000.4.1",
            "podman-remote": "5.4.2-160000.4.1",
            "podman": "5.4.2-160000.4.1",
            "podman-docker": "5.4.2-160000.4.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20641-1.json"