SUSE-SU-2026:20103-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202620103-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20103-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:20103-1
- Upstream
- Related
- Published
- 2026-01-21T11:08:51Z
- Modified
- 2026-03-11T07:31:43.468070Z
- Summary
- Security update for podman
- Details
-
This update for podman fixes the following issues:
- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376).
- CVE-2025-9566: kube play command may overwrite host files (bsc#1249154).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202620103-1/
- https://bugzilla.suse.com/1249154
- https://bugzilla.suse.com/1252376
- https://www.suse.com/security/cve/CVE-2025-31133
- https://www.suse.com/security/cve/CVE-2025-52565
- https://www.suse.com/security/cve/CVE-2025-52881
- https://www.suse.com/security/cve/CVE-2025-9566
Affected packages
SUSE:Linux Enterprise Server 16.0 / podman
Package
- Name
- podman
- Purl
- pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.2-160000.3.1
SUSE:Linux Enterprise Server for SAP applications 16.0 / podman
Package
- Name
- podman
- Purl
- pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.2-160000.3.1