Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:29703 - Security Advisory
Issued:
2026-06-25
Updated:
2026-06-25

RHSA-2026:29703 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: containernetworking-plugins security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

Security Fix(es):

  • net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
  • crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)
  • crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
  • crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x

Fixes

  • BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url
  • BZ - 2456333 - CVE-2026-32281 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation
  • BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
  • BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

CVEs

  • CVE-2026-25679
  • CVE-2026-32280
  • CVE-2026-32281
  • CVE-2026-32283

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
x86_64
containernetworking-plugins-1.9.0-3.el9_8.x86_64.rpm SHA-256: 6d114a082c8cb9152a4f3353b8eb2fd501c62118b991c31cbe6ec3ca93a6f9ea
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.x86_64.rpm SHA-256: 72367463525d5ef7654b98c90b6c11def7a86b5f19ca1092dde26078a9977856
containernetworking-plugins-debugsource-1.9.0-3.el9_8.x86_64.rpm SHA-256: ebc28a61454a618274256d9f674255c435add842de4ed836ea908a69051f12c3

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
x86_64
containernetworking-plugins-1.9.0-3.el9_8.x86_64.rpm SHA-256: 6d114a082c8cb9152a4f3353b8eb2fd501c62118b991c31cbe6ec3ca93a6f9ea
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.x86_64.rpm SHA-256: 72367463525d5ef7654b98c90b6c11def7a86b5f19ca1092dde26078a9977856
containernetworking-plugins-debugsource-1.9.0-3.el9_8.x86_64.rpm SHA-256: ebc28a61454a618274256d9f674255c435add842de4ed836ea908a69051f12c3

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
s390x
containernetworking-plugins-1.9.0-3.el9_8.s390x.rpm SHA-256: 556fe920ce6a3006bb3258f200e803a5651947ea395e9679457d7ad29a2d3b39
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.s390x.rpm SHA-256: a7c0ddd155046fd5e8a696dcae2804b0d77046d7a3c642f542effeabbae985f9
containernetworking-plugins-debugsource-1.9.0-3.el9_8.s390x.rpm SHA-256: 35b00fbe9e5968866370eaec6c2bb6ab0cebe17c154ee0e551305a40a8421f8a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
s390x
containernetworking-plugins-1.9.0-3.el9_8.s390x.rpm SHA-256: 556fe920ce6a3006bb3258f200e803a5651947ea395e9679457d7ad29a2d3b39
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.s390x.rpm SHA-256: a7c0ddd155046fd5e8a696dcae2804b0d77046d7a3c642f542effeabbae985f9
containernetworking-plugins-debugsource-1.9.0-3.el9_8.s390x.rpm SHA-256: 35b00fbe9e5968866370eaec6c2bb6ab0cebe17c154ee0e551305a40a8421f8a

Red Hat Enterprise Linux for Power, little endian 9

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
ppc64le
containernetworking-plugins-1.9.0-3.el9_8.ppc64le.rpm SHA-256: 33b29f04b29a2b12471127c24a4f73131bfb7baeed9229e29187f1944bb424a4
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.ppc64le.rpm SHA-256: b9057cdae7055f0c0edf6677a1a86fee91a04ac2c99a3fed744c078bdde108de
containernetworking-plugins-debugsource-1.9.0-3.el9_8.ppc64le.rpm SHA-256: c03279f36a21cc7b2eaf124f2ecfb871745fd18cc0aa12108032f498ee10135f

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
ppc64le
containernetworking-plugins-1.9.0-3.el9_8.ppc64le.rpm SHA-256: 33b29f04b29a2b12471127c24a4f73131bfb7baeed9229e29187f1944bb424a4
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.ppc64le.rpm SHA-256: b9057cdae7055f0c0edf6677a1a86fee91a04ac2c99a3fed744c078bdde108de
containernetworking-plugins-debugsource-1.9.0-3.el9_8.ppc64le.rpm SHA-256: c03279f36a21cc7b2eaf124f2ecfb871745fd18cc0aa12108032f498ee10135f

Red Hat Enterprise Linux for ARM 64 9

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
aarch64
containernetworking-plugins-1.9.0-3.el9_8.aarch64.rpm SHA-256: 85525c74a38b9275cbdec41c6dec8f6b86390e1a2951829d66c004e89352f0ee
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.aarch64.rpm SHA-256: 020c2bee9da0c9fb8b25ea0f03cb356642eafb2a773fbba2ada0df50fc34a4d5
containernetworking-plugins-debugsource-1.9.0-3.el9_8.aarch64.rpm SHA-256: ad7c8d55480f0448ed0f4f5e6069fa10e58e16439b2dc57f9943a1c38e270fa3

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
aarch64
containernetworking-plugins-1.9.0-3.el9_8.aarch64.rpm SHA-256: 85525c74a38b9275cbdec41c6dec8f6b86390e1a2951829d66c004e89352f0ee
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.aarch64.rpm SHA-256: 020c2bee9da0c9fb8b25ea0f03cb356642eafb2a773fbba2ada0df50fc34a4d5
containernetworking-plugins-debugsource-1.9.0-3.el9_8.aarch64.rpm SHA-256: ad7c8d55480f0448ed0f4f5e6069fa10e58e16439b2dc57f9943a1c38e270fa3

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
ppc64le
containernetworking-plugins-1.9.0-3.el9_8.ppc64le.rpm SHA-256: 33b29f04b29a2b12471127c24a4f73131bfb7baeed9229e29187f1944bb424a4
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.ppc64le.rpm SHA-256: b9057cdae7055f0c0edf6677a1a86fee91a04ac2c99a3fed744c078bdde108de
containernetworking-plugins-debugsource-1.9.0-3.el9_8.ppc64le.rpm SHA-256: c03279f36a21cc7b2eaf124f2ecfb871745fd18cc0aa12108032f498ee10135f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
x86_64
containernetworking-plugins-1.9.0-3.el9_8.x86_64.rpm SHA-256: 6d114a082c8cb9152a4f3353b8eb2fd501c62118b991c31cbe6ec3ca93a6f9ea
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.x86_64.rpm SHA-256: 72367463525d5ef7654b98c90b6c11def7a86b5f19ca1092dde26078a9977856
containernetworking-plugins-debugsource-1.9.0-3.el9_8.x86_64.rpm SHA-256: ebc28a61454a618274256d9f674255c435add842de4ed836ea908a69051f12c3

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
aarch64
containernetworking-plugins-1.9.0-3.el9_8.aarch64.rpm SHA-256: 85525c74a38b9275cbdec41c6dec8f6b86390e1a2951829d66c004e89352f0ee
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.aarch64.rpm SHA-256: 020c2bee9da0c9fb8b25ea0f03cb356642eafb2a773fbba2ada0df50fc34a4d5
containernetworking-plugins-debugsource-1.9.0-3.el9_8.aarch64.rpm SHA-256: ad7c8d55480f0448ed0f4f5e6069fa10e58e16439b2dc57f9943a1c38e270fa3

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
s390x
containernetworking-plugins-1.9.0-3.el9_8.s390x.rpm SHA-256: 556fe920ce6a3006bb3258f200e803a5651947ea395e9679457d7ad29a2d3b39
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.s390x.rpm SHA-256: a7c0ddd155046fd5e8a696dcae2804b0d77046d7a3c642f542effeabbae985f9
containernetworking-plugins-debugsource-1.9.0-3.el9_8.s390x.rpm SHA-256: 35b00fbe9e5968866370eaec6c2bb6ab0cebe17c154ee0e551305a40a8421f8a

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
x86_64
containernetworking-plugins-1.9.0-3.el9_8.x86_64.rpm SHA-256: 6d114a082c8cb9152a4f3353b8eb2fd501c62118b991c31cbe6ec3ca93a6f9ea
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.x86_64.rpm SHA-256: 72367463525d5ef7654b98c90b6c11def7a86b5f19ca1092dde26078a9977856
containernetworking-plugins-debugsource-1.9.0-3.el9_8.x86_64.rpm SHA-256: ebc28a61454a618274256d9f674255c435add842de4ed836ea908a69051f12c3

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
aarch64
containernetworking-plugins-1.9.0-3.el9_8.aarch64.rpm SHA-256: 85525c74a38b9275cbdec41c6dec8f6b86390e1a2951829d66c004e89352f0ee
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.aarch64.rpm SHA-256: 020c2bee9da0c9fb8b25ea0f03cb356642eafb2a773fbba2ada0df50fc34a4d5
containernetworking-plugins-debugsource-1.9.0-3.el9_8.aarch64.rpm SHA-256: ad7c8d55480f0448ed0f4f5e6069fa10e58e16439b2dc57f9943a1c38e270fa3

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
ppc64le
containernetworking-plugins-1.9.0-3.el9_8.ppc64le.rpm SHA-256: 33b29f04b29a2b12471127c24a4f73131bfb7baeed9229e29187f1944bb424a4
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.ppc64le.rpm SHA-256: b9057cdae7055f0c0edf6677a1a86fee91a04ac2c99a3fed744c078bdde108de
containernetworking-plugins-debugsource-1.9.0-3.el9_8.ppc64le.rpm SHA-256: c03279f36a21cc7b2eaf124f2ecfb871745fd18cc0aa12108032f498ee10135f

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8

SRPM
containernetworking-plugins-1.9.0-3.el9_8.src.rpm SHA-256: 4b94cf1db3a057828e0bf2e3fbcc44049452b2a4ca2f4a9c5d9a44bb8667dab7
s390x
containernetworking-plugins-1.9.0-3.el9_8.s390x.rpm SHA-256: 556fe920ce6a3006bb3258f200e803a5651947ea395e9679457d7ad29a2d3b39
containernetworking-plugins-debuginfo-1.9.0-3.el9_8.s390x.rpm SHA-256: a7c0ddd155046fd5e8a696dcae2804b0d77046d7a3c642f542effeabbae985f9
containernetworking-plugins-debugsource-1.9.0-3.el9_8.s390x.rpm SHA-256: 35b00fbe9e5968866370eaec6c2bb6ab0cebe17c154ee0e551305a40a8421f8a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility