Red Hat Product Errata RHSA-2026:18289 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:18289 - Security Advisory Overview Updated Packages Synopsis Important: podman security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): podman: Podman kube play command may overwrite host files (CVE-2025-9566) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 10 Release Notes linked from the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2393152 - CVE-2025-9566 podman: Podman kube play command may overwrite host files RHEL-132823 - Bump to runc v1.2.9 or v1.3.4 to get CVE and regression fixes - Podman RHEL-145596 - [rhel-10.2] [ppc64le] podman - 075-exec - not ok 2 [075] podman exec - leak check - FAIL: exec_pid file found CVEs CVE-2025-9566 References https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/10.2_release_notes/index Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM podman-5.8.0-2.el10.src.rpm SHA-256: 17c41b5df0c7d605ddfa4e4b788172d191b6a28f65cdbe6e360782c87f3a47d8 x86_64 podman-5.8.0-2.el10.x86_64.rpm SHA-256: 56a895007cfa8c1404032e6be4f0973c2ccc4265c181c9e917253a01da5c9ea8 podman-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 68c72ebee1e6aff1ee9862fb73ca012156ff739645116e808bdbe35e3579d440 podman-debugsource-5.8.0-2.el10.x86_64.rpm SHA-256: ee3c126eb4628161495fcc45c30ec3ef9a5283f0b3012d7711f2ade62d13f736 podman-docker-5.8.0-2.el10.noarch.rpm SHA-256: 73592f9431dccd13640cc9a8a78f68f13c95aada9bb184e4870a9ec76f8f5571 podman-remote-5.8.0-2.el10.x86_64.rpm SHA-256: 59cab6084da58753b3312d166a5cff70aa059bd269e8ad5c0ca4fb77f0040c0a podman-remote-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 7e0126a57665515ed4f8cf4782eb171050da7da276b69a0d11c7540029e18423 podman-tests-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 30f945af64eaf328dfbae86aad014980df23787c62eee364e1f0edde7b914960 Red Hat Enterprise Linux for IBM z Systems 10 SRPM podman-5.8.0-2.el10.src.rpm SHA-256: 17c41b5df0c7d605ddfa4e4b788172d191b6a28f65cdbe6e360782c87f3a47d8 s390x podman-5.8.0-2.el10.s390x.rpm SHA-256: b9823b05d21945603455a5dfd38318f7c9ab7e1145fb17596de9a89f4b21d82f podman-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: f80806cd5a5a8352841621cca5861638464fce3334557d01b6953b8e44cdab86 podman-debugsource-5.8.0-2.el10.s390x.rpm SHA-256: db22f61f99ba93489026c42acf29fa15181a7f367de307e66273d428150bd4f0 podman-docker-5.8.0-2.el10.noarch.rpm SHA-256: 73592f9431dccd13640cc9a8a78f68f13c95aada9bb184e4870a9ec76f8f5571 podman-remote-5.8.0-2.el10.s390x.rpm SHA-256: 2913058dbf8648a932ec1eb8304342b3519a2cd01315254e30d5431f004395f6 podman-remote-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: d3b4857815beff98b8a56e6498c0114429e13d8e6d978ae0fdb3299799ae02ce podman-tests-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: 3c5391b199f6d8d75eab65dacafeb9933dcf9a48e1b38312b9030f4f69fbd5ef Red Hat Enterprise Linux for Power, little endian 10 SRPM podman-5.8.0-2.el10.src.rpm SHA-256: 17c41b5df0c7d605ddfa4e4b788172d191b6a28f65cdbe6e360782c87f3a47d8 ppc64le podman-5.8.0-2.el10.ppc64le.rpm SHA-256: dce64e67870af2cb03fb8370b87bb5f18a507e67ba681d3d1471efcb65f89945 podman-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: a4ccba9625fd69541021aecef9e356e30d12e1c7a2245041f9804912d2c1f341 podman-debugsource-5.8.0-2.el10.ppc64le.rpm SHA-256: 8cf48f75594fbd298913e45928ce59558893e435773842fa6a8d11f65772ad63 podman-docker-5.8.0-2.el10.noarch.rpm SHA-256: 73592f9431dccd13640cc9a8a78f68f13c95aada9bb184e4870a9ec76f8f5571 podman-remote-5.8.0-2.el10.ppc64le.rpm SHA-256: 30bf974fb847ccbd93d45c7fa5536052f225e988f7008d648813bf7fad47e5f6 podman-remote-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: dfa16eef4969ef1bb564a90d62635166ecf18f5c8bda3002d446400df98aefeb podman-tests-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: 242c5a427c7a9b60a9a37a96e155d252fceb7465958079d299ec9e1f0292914f Red Hat Enterprise Linux for ARM 64 10 SRPM podman-5.8.0-2.el10.src.rpm SHA-256: 17c41b5df0c7d605ddfa4e4b788172d191b6a28f65cdbe6e360782c87f3a47d8 aarch64 podman-5.8.0-2.el10.aarch64.rpm SHA-256: a5907723af8627ffc961068f9827e26ec200aac759ab5ac590eb12998888685e podman-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: f98f428d819b96e4f07f255dddeddcd235bb1745589074252e5832fbe099db12 podman-debugsource-5.8.0-2.el10.aarch64.rpm SHA-256: 1f6b6275b160c1d45110e97e14a639a69a4f6cd1f595650d9e1c7ba03f0224bb podman-docker-5.8.0-2.el10.noarch.rpm SHA-256: 73592f9431dccd13640cc9a8a78f68f13c95aada9bb184e4870a9ec76f8f5571 podman-remote-5.8.0-2.el10.aarch64.rpm SHA-256: 8df6079a152af4616678be3275e3916511dee39b4f414a473ebcea6e3c98fa2f podman-remote-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: 3fdbf658d5855eea9d3aea0953303f9947d51d73b649b1d4b95db30389856fe7 podman-tests-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: c514ba29091969d9b836653dfb30d37508bff723b293da1ad6602691bf2d1438 Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 podman-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 68c72ebee1e6aff1ee9862fb73ca012156ff739645116e808bdbe35e3579d440 podman-debugsource-5.8.0-2.el10.x86_64.rpm SHA-256: ee3c126eb4628161495fcc45c30ec3ef9a5283f0b3012d7711f2ade62d13f736 podman-remote-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 7e0126a57665515ed4f8cf4782eb171050da7da276b69a0d11c7540029e18423 podman-tests-5.8.0-2.el10.x86_64.rpm SHA-256: edeffbd9e172769e0f7a414c2477d50417167ccd51ff2953e262eb4537818fe9 podman-tests-debuginfo-5.8.0-2.el10.x86_64.rpm SHA-256: 30f945af64eaf328dfbae86aad014980df23787c62eee364e1f0edde7b914960 Red Hat CodeReady Linux Builder for Power, little endian 10 SRPM ppc64le podman-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: a4ccba9625fd69541021aecef9e356e30d12e1c7a2245041f9804912d2c1f341 podman-debugsource-5.8.0-2.el10.ppc64le.rpm SHA-256: 8cf48f75594fbd298913e45928ce59558893e435773842fa6a8d11f65772ad63 podman-remote-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: dfa16eef4969ef1bb564a90d62635166ecf18f5c8bda3002d446400df98aefeb podman-tests-5.8.0-2.el10.ppc64le.rpm SHA-256: fdd135304219f359913069d505e854c9d49b03d7b371edfbe541163c2e5b6a78 podman-tests-debuginfo-5.8.0-2.el10.ppc64le.rpm SHA-256: 242c5a427c7a9b60a9a37a96e155d252fceb7465958079d299ec9e1f0292914f Red Hat CodeReady Linux Builder for ARM 64 10 SRPM aarch64 podman-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: f98f428d819b96e4f07f255dddeddcd235bb1745589074252e5832fbe099db12 podman-debugsource-5.8.0-2.el10.aarch64.rpm SHA-256: 1f6b6275b160c1d45110e97e14a639a69a4f6cd1f595650d9e1c7ba03f0224bb podman-remote-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: 3fdbf658d5855eea9d3aea0953303f9947d51d73b649b1d4b95db30389856fe7 podman-tests-5.8.0-2.el10.aarch64.rpm SHA-256: 6242f4ab8d998463926398d63a48b52398773f364cc5c659a73ad407b133bfec podman-tests-debuginfo-5.8.0-2.el10.aarch64.rpm SHA-256: c514ba29091969d9b836653dfb30d37508bff723b293da1ad6602691bf2d1438 Red Hat CodeReady Linux Builder for IBM z Systems 10 SRPM s390x podman-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: f80806cd5a5a8352841621cca5861638464fce3334557d01b6953b8e44cdab86 podman-debugsource-5.8.0-2.el10.s390x.rpm SHA-256: db22f61f99ba93489026c42acf29fa15181a7f367de307e66273d428150bd4f0 podman-remote-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: d3b4857815beff98b8a56e6498c0114429e13d8e6d978ae0fdb3299799ae02ce podman-tests-5.8.0-2.el10.s390x.rpm SHA-256: 2c41adaa7e4b6112758dc6ceac1bcfde610efbd2a61a36d3cfe751df590d7762 podman-tests-debuginfo-5.8.0-2.el10.s390x.rpm SHA-256: 3c5391b199f6d8d75eab65dacafeb9933dcf9a48e1b38312b9030f4f69fbd5ef The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .