Red Hat Product Errata RHSA-2026:4533 - Security Advisory
Issued:
2026-03-12
Updated:
2026-03-12

RHSA-2026:4533 - Security Advisory

Synopsis

Important: podman security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

  • runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881)
  • golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)
  • github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload (CVE-2025-65637)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x

Fixes

  • BZ - 2404715 - CVE-2025-52881 runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
  • BZ - 2407258 - CVE-2025-58183 golang: archive/tar: Unbounded allocation when parsing GNU sparse map
  • BZ - 2418900 - CVE-2025-65637 github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
x86_64
podman-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 55155359eb17baebd875b7055fa78bc0b472b6d28fdd13686b2af0b786fe7567
podman-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 4cbcbb38adcc011a8f439d70b22de60532bb6c8a015cb868a52f3cff85e63145
podman-debugsource-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 99319568060084f3cfadae2f0cd28e4ffd6252300e01e2bc2681d462a1e20ec4
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: cbea2432d7e3897119cbe004411d2d48624e4682ae82397dfc2f6d4cadda6e0e
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: c087eee3d454200ac3f86b4b3deb36d6571cbf3989f4073c470829d892a5327e
podman-plugins-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 75a187259fb52c5b40eafa93d4db112f4a195900f96b2ee04d8bfbe54e45c176
podman-plugins-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 8d6a3e62d942b31d0d7e4a5bed71d989b83a86c49a2ee2570817bcab1efc258d
podman-remote-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: d91a74f1c754732472c7ed8f065350ce10af63acfafb477a430ee94d25cdfb5a
podman-remote-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: e76bc5e5f7aca46c6ba87e247c5962d150d8c79ff476b3faa3eeb1cb8a70cc07
podman-tests-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: a34e3b2ada1171a3fb2f30a693b5ddf02f395896f3c0f166e07939b3228db771

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
ppc64le
podman-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: ea24f729ab8cc2b826b428dec23ac7d72fc564411b27c4d01508a8577a557ae4
podman-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 6953bd6754ead68076f0f67db9dbb9230334975b96047046ad0c4500a7dc4c0d
podman-debugsource-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 6c5db478e6ef734cfc6241fe916bc807e5026b211cf0f5073bfea2dd21168e77
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 236d029aaabb10716956639182093d6250f0fef3ef36c69e417f59743acc57a2
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 70a8fee289e6870c60f829a0e601e005d69369c86952f2335c884489aa738075
podman-plugins-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 2f1690d5b64cfe4d049fc3e6b5bc48dfce8e9565f11823945ba1426ae7f4be38
podman-plugins-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 52c27ee647b1da6b122744e75ec3f58c792fbfb4bcc9897f1f87375194a568a2
podman-remote-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: a474d2850ae5d8bd5b659f98ff6f0bb208954a610e49c84f7073639fd84df6dd
podman-remote-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 8cf2093f8ee4209e29b2004660720ba4e6fd7e0ef4ace24def12a96bc1afca6f
podman-tests-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 9a69570f89f1249e6c96e1abdfdd9615229c967521d6ad68965be6edae5661f7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
x86_64
podman-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 55155359eb17baebd875b7055fa78bc0b472b6d28fdd13686b2af0b786fe7567
podman-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 4cbcbb38adcc011a8f439d70b22de60532bb6c8a015cb868a52f3cff85e63145
podman-debugsource-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 99319568060084f3cfadae2f0cd28e4ffd6252300e01e2bc2681d462a1e20ec4
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: cbea2432d7e3897119cbe004411d2d48624e4682ae82397dfc2f6d4cadda6e0e
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: c087eee3d454200ac3f86b4b3deb36d6571cbf3989f4073c470829d892a5327e
podman-plugins-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 75a187259fb52c5b40eafa93d4db112f4a195900f96b2ee04d8bfbe54e45c176
podman-plugins-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 8d6a3e62d942b31d0d7e4a5bed71d989b83a86c49a2ee2570817bcab1efc258d
podman-remote-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: d91a74f1c754732472c7ed8f065350ce10af63acfafb477a430ee94d25cdfb5a
podman-remote-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: e76bc5e5f7aca46c6ba87e247c5962d150d8c79ff476b3faa3eeb1cb8a70cc07
podman-tests-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: a34e3b2ada1171a3fb2f30a693b5ddf02f395896f3c0f166e07939b3228db771

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
aarch64
podman-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 943cfd62d9dc49bb05b4f996f9581132367844910ffa74d02d18ec0ffc661531
podman-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: ef6b519cda5c20724f460e1591979fd2ae1b6514221fb7ecaf02bf9e9d951f10
podman-debugsource-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 57daaae302f6933cf0cfd8656a23bf574749fea9e0b551df7937c56fafc048b0
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 206ce8c11f1cf970220bb7c15a94457691ff9c0ef03fd6b9c1bcea2827425751
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: ffb9be6850d17d9220536aeb0bdc8eeb525dbae148a0836d7ea3c8db57ae3baf
podman-plugins-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 40fb97f459993f45a1ae09c1268918ee2c64c7e44a4f6561e37086e734d0c972
podman-plugins-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 2e0aaa6767b0be4a0fce39ed081e19b0d2f5f25a2a4b75049586ca7b21eb77a6
podman-remote-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 0f71b56e50a8bd8ddb892ce5da321ff0eba3da287ffa108f724cf802e20647e2
podman-remote-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 3f0ec500d7d254440d7eaa90cbd01b472fc46c0d063a5bd176e95cabd30cb4e7
podman-tests-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 905e1df61f097413eb8519e52344a033eb5eba10e09c6821162d72c034b05162

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
s390x
podman-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 192fc610444d79ffa5ab9a5210a5b6d21cd1641babbb9b906391a733e634f727
podman-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 393b3f8af5165882a84a08629899f9a916f7571d3068640cd7f5821b66ce1e54
podman-debugsource-4.4.1-22.el9_2.5.s390x.rpm SHA-256: b28a83389e5d798d397cdd9e15df9aa0b218aaef0dd4e8a1b5208c9398da03e1
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.s390x.rpm SHA-256: cbed0daf153b6df874c904d66ed3e20aaa7c1711dda34ee24881d3fa6b1dbc14
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 91db0308bfd6fab5324565cea04576056bef61ed7f6b15aa96fb315c2a5124f0
podman-plugins-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 34386cb86ad79ebab643ee71fa2ac27bde53936270824833d78773bf5b07487c
podman-plugins-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 3c5e902d8a8f655fad0dd5faa61cefa7b116bac6880fb03db15d27972a5bafac
podman-remote-4.4.1-22.el9_2.5.s390x.rpm SHA-256: aa224282dd268bf5e6a5b90ce91c0f584961b931318fefb4347caab5eec6fa57
podman-remote-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 70c699d59c1d388ef5c6a57104b26e285a91ebec9baef30633ab458b0b846eb3
podman-tests-4.4.1-22.el9_2.5.s390x.rpm SHA-256: e3a5569745c619c4314a9258a6a6b44a5fa76279702eaf470f6da691a481721b

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
x86_64
podman-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 55155359eb17baebd875b7055fa78bc0b472b6d28fdd13686b2af0b786fe7567
podman-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 4cbcbb38adcc011a8f439d70b22de60532bb6c8a015cb868a52f3cff85e63145
podman-debugsource-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 99319568060084f3cfadae2f0cd28e4ffd6252300e01e2bc2681d462a1e20ec4
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: cbea2432d7e3897119cbe004411d2d48624e4682ae82397dfc2f6d4cadda6e0e
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: c087eee3d454200ac3f86b4b3deb36d6571cbf3989f4073c470829d892a5327e
podman-plugins-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 75a187259fb52c5b40eafa93d4db112f4a195900f96b2ee04d8bfbe54e45c176
podman-plugins-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: 8d6a3e62d942b31d0d7e4a5bed71d989b83a86c49a2ee2570817bcab1efc258d
podman-remote-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: d91a74f1c754732472c7ed8f065350ce10af63acfafb477a430ee94d25cdfb5a
podman-remote-debuginfo-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: e76bc5e5f7aca46c6ba87e247c5962d150d8c79ff476b3faa3eeb1cb8a70cc07
podman-tests-4.4.1-22.el9_2.5.x86_64.rpm SHA-256: a34e3b2ada1171a3fb2f30a693b5ddf02f395896f3c0f166e07939b3228db771

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
aarch64
podman-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 943cfd62d9dc49bb05b4f996f9581132367844910ffa74d02d18ec0ffc661531
podman-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: ef6b519cda5c20724f460e1591979fd2ae1b6514221fb7ecaf02bf9e9d951f10
podman-debugsource-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 57daaae302f6933cf0cfd8656a23bf574749fea9e0b551df7937c56fafc048b0
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 206ce8c11f1cf970220bb7c15a94457691ff9c0ef03fd6b9c1bcea2827425751
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: ffb9be6850d17d9220536aeb0bdc8eeb525dbae148a0836d7ea3c8db57ae3baf
podman-plugins-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 40fb97f459993f45a1ae09c1268918ee2c64c7e44a4f6561e37086e734d0c972
podman-plugins-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 2e0aaa6767b0be4a0fce39ed081e19b0d2f5f25a2a4b75049586ca7b21eb77a6
podman-remote-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 0f71b56e50a8bd8ddb892ce5da321ff0eba3da287ffa108f724cf802e20647e2
podman-remote-debuginfo-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 3f0ec500d7d254440d7eaa90cbd01b472fc46c0d063a5bd176e95cabd30cb4e7
podman-tests-4.4.1-22.el9_2.5.aarch64.rpm SHA-256: 905e1df61f097413eb8519e52344a033eb5eba10e09c6821162d72c034b05162

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
ppc64le
podman-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: ea24f729ab8cc2b826b428dec23ac7d72fc564411b27c4d01508a8577a557ae4
podman-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 6953bd6754ead68076f0f67db9dbb9230334975b96047046ad0c4500a7dc4c0d
podman-debugsource-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 6c5db478e6ef734cfc6241fe916bc807e5026b211cf0f5073bfea2dd21168e77
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 236d029aaabb10716956639182093d6250f0fef3ef36c69e417f59743acc57a2
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 70a8fee289e6870c60f829a0e601e005d69369c86952f2335c884489aa738075
podman-plugins-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 2f1690d5b64cfe4d049fc3e6b5bc48dfce8e9565f11823945ba1426ae7f4be38
podman-plugins-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 52c27ee647b1da6b122744e75ec3f58c792fbfb4bcc9897f1f87375194a568a2
podman-remote-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: a474d2850ae5d8bd5b659f98ff6f0bb208954a610e49c84f7073639fd84df6dd
podman-remote-debuginfo-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 8cf2093f8ee4209e29b2004660720ba4e6fd7e0ef4ace24def12a96bc1afca6f
podman-tests-4.4.1-22.el9_2.5.ppc64le.rpm SHA-256: 9a69570f89f1249e6c96e1abdfdd9615229c967521d6ad68965be6edae5661f7

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2

SRPM
podman-4.4.1-22.el9_2.5.src.rpm SHA-256: 67dd8e2844343645f69ed0285fc610e96c723ade9c075950014958acc1dc90e5
s390x
podman-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 192fc610444d79ffa5ab9a5210a5b6d21cd1641babbb9b906391a733e634f727
podman-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 393b3f8af5165882a84a08629899f9a916f7571d3068640cd7f5821b66ce1e54
podman-debugsource-4.4.1-22.el9_2.5.s390x.rpm SHA-256: b28a83389e5d798d397cdd9e15df9aa0b218aaef0dd4e8a1b5208c9398da03e1
podman-docker-4.4.1-22.el9_2.5.noarch.rpm SHA-256: 9bb6b50222af8fef655a019a958a595e62df2bab18b7bff249561d00c1a35952
podman-gvproxy-4.4.1-22.el9_2.5.s390x.rpm SHA-256: cbed0daf153b6df874c904d66ed3e20aaa7c1711dda34ee24881d3fa6b1dbc14
podman-gvproxy-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 91db0308bfd6fab5324565cea04576056bef61ed7f6b15aa96fb315c2a5124f0
podman-plugins-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 34386cb86ad79ebab643ee71fa2ac27bde53936270824833d78773bf5b07487c
podman-plugins-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 3c5e902d8a8f655fad0dd5faa61cefa7b116bac6880fb03db15d27972a5bafac
podman-remote-4.4.1-22.el9_2.5.s390x.rpm SHA-256: aa224282dd268bf5e6a5b90ce91c0f584961b931318fefb4347caab5eec6fa57
podman-remote-debuginfo-4.4.1-22.el9_2.5.s390x.rpm SHA-256: 70c699d59c1d388ef5c6a57104b26e285a91ebec9baef30633ab458b0b846eb3
podman-tests-4.4.1-22.el9_2.5.s390x.rpm SHA-256: e3a5569745c619c4314a9258a6a6b44a5fa76279702eaf470f6da691a481721b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.