Red Hat Product Errata RHSA-2026:20570 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20570 - Security Advisory Overview Updated Packages Synopsis Important: podman security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for podman is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix(es): crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2456333 - CVE-2026-32281 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32281 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM podman-5.4.0-15.el10_0.2.src.rpm SHA-256: 8587df29dd68341cd5a7a0f5f5e08489f1c15b5e75003ed99080a10a8595f2dc x86_64 podman-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: 6d44f2b97ecd1ca94ec33ec27156fa31e6d36a1add6910ece16d8c2b85fbcfe4 podman-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: 0f2ccd27efccd19d6f27e95e5854b8dabc3a650c8b063c22fae1659e551fe761 podman-debugsource-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: 021b7af65ab42571225d27a2c7f3f816e31e8a2b961492aa2cbcdccddd7eaa0f podman-docker-5.4.0-15.el10_0.2.noarch.rpm SHA-256: bce2edde3d1fb96373db253689f1ee6bdbaa6719f61cbb2693465b49b520ea6b podman-remote-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: a4793f993fa51bd68e81f49fe0df98dbfb8bad680b0306082efb27c5ec351a98 podman-remote-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: df2921a5e54e42439f01d4106eb22bfb00ba1ae01ac5bc112260fba5cc395f59 podman-tests-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: dd85f722357302063c2f9fcf6839c720e70034bb371ed0b348788eaa8d584c03 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 SRPM podman-5.4.0-15.el10_0.2.src.rpm SHA-256: 8587df29dd68341cd5a7a0f5f5e08489f1c15b5e75003ed99080a10a8595f2dc s390x podman-5.4.0-15.el10_0.2.s390x.rpm SHA-256: df186b7600a74313839d74e9e59781cfadb567a83f16af8f84d6cbd8b6a89679 podman-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: 063406dc301c40c3a917459dde8ecde7fa86b226b3de6417106d5dfacd602efa podman-debugsource-5.4.0-15.el10_0.2.s390x.rpm SHA-256: de2fdee04a6b7b8e8a6496848743fbc0d46922dd578716c1374d5fa505d70557 podman-docker-5.4.0-15.el10_0.2.noarch.rpm SHA-256: bce2edde3d1fb96373db253689f1ee6bdbaa6719f61cbb2693465b49b520ea6b podman-remote-5.4.0-15.el10_0.2.s390x.rpm SHA-256: fda5cdbdc2420235cbbdc69c1f6e918764724c9d1d6a758f92b41b7af80ecbe3 podman-remote-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: eca2b40dd60a45ec9c011dd8a790772e377ebab76aa7d476d617103aabe9ea88 podman-tests-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: b9352458d547d8bd620b15f96e159cd7cae08c857abbde14f9892f3543bcaaca Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 SRPM podman-5.4.0-15.el10_0.2.src.rpm SHA-256: 8587df29dd68341cd5a7a0f5f5e08489f1c15b5e75003ed99080a10a8595f2dc ppc64le podman-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: 0fa50c04f5e9b1589e945bda3916d1d753b9e7900ea80d3b8c6bb01bdf2ddac7 podman-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: c0fd73e4bd176a260d6ed85869fdd92b57b67a9e6bfe9a488b9d3623d780df04 podman-debugsource-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: 397c923f63351c75a0806faccabb4bbc3111ee3bb4a7ae38f9e302c8f2230b7a podman-docker-5.4.0-15.el10_0.2.noarch.rpm SHA-256: bce2edde3d1fb96373db253689f1ee6bdbaa6719f61cbb2693465b49b520ea6b podman-remote-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: 5a4d7ebfae45fe09da096a5548e0cf8871daebebe83805cc93dc56a921a77514 podman-remote-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: cc1e13bf0f592860cf4af5a83d312b40693f34f22af949d54811cafe4e3e3e14 podman-tests-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: d631d1789631b475a5b742d01e57bf8d906ffc9b274d0f6a0d613a761f08a95d Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 SRPM podman-5.4.0-15.el10_0.2.src.rpm SHA-256: 8587df29dd68341cd5a7a0f5f5e08489f1c15b5e75003ed99080a10a8595f2dc aarch64 podman-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 086ff7f241137361b48e86e30cd76adc66a98e1b21925f33ab7c35c24f6b6613 podman-debuginfo-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 989023a7ef0a056bee25e2ef52276deb5b39800fef63687f355aeefa6a338d6a podman-debugsource-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 14e002dfd253a443e726935dbe430b26265659093290a5c3aacdf2c420d640c9 podman-docker-5.4.0-15.el10_0.2.noarch.rpm SHA-256: bce2edde3d1fb96373db253689f1ee6bdbaa6719f61cbb2693465b49b520ea6b podman-remote-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 6491e3d8739b316299fbcdd2bea41cc30937562793b94ecb9aa278b321afb873 podman-remote-debuginfo-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: bc4451e3df7a6e796110f604b50fe1042d41beece18fcfcab81f66697427da8f podman-tests-debuginfo-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 14fc0caeae6fe881a2cdaa64d5da29d48c50e0fd6fc6a4221ebf1fd9eb3fcb4c Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 SRPM x86_64 podman-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: 0f2ccd27efccd19d6f27e95e5854b8dabc3a650c8b063c22fae1659e551fe761 podman-debugsource-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: 021b7af65ab42571225d27a2c7f3f816e31e8a2b961492aa2cbcdccddd7eaa0f podman-remote-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: df2921a5e54e42439f01d4106eb22bfb00ba1ae01ac5bc112260fba5cc395f59 podman-tests-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: bbb73f0efc42aaacb3245c17f3d502c88137ab618ac51c1ce00306b433b924c5 podman-tests-debuginfo-5.4.0-15.el10_0.2.x86_64.rpm SHA-256: dd85f722357302063c2f9fcf6839c720e70034bb371ed0b348788eaa8d584c03 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 SRPM ppc64le podman-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: c0fd73e4bd176a260d6ed85869fdd92b57b67a9e6bfe9a488b9d3623d780df04 podman-debugsource-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: 397c923f63351c75a0806faccabb4bbc3111ee3bb4a7ae38f9e302c8f2230b7a podman-remote-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: cc1e13bf0f592860cf4af5a83d312b40693f34f22af949d54811cafe4e3e3e14 podman-tests-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: 66d5280d259e706c2e58f9f3e43c1ed30075613984482c05886d44f7dccadadf podman-tests-debuginfo-5.4.0-15.el10_0.2.ppc64le.rpm SHA-256: d631d1789631b475a5b742d01e57bf8d906ffc9b274d0f6a0d613a761f08a95d Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 SRPM s390x podman-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: 063406dc301c40c3a917459dde8ecde7fa86b226b3de6417106d5dfacd602efa podman-debugsource-5.4.0-15.el10_0.2.s390x.rpm SHA-256: de2fdee04a6b7b8e8a6496848743fbc0d46922dd578716c1374d5fa505d70557 podman-remote-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: eca2b40dd60a45ec9c011dd8a790772e377ebab76aa7d476d617103aabe9ea88 podman-tests-5.4.0-15.el10_0.2.s390x.rpm SHA-256: e8f5d918f916a8ef98a95f1fe266c7022e8d445a7281dae35511eba71a50fcde podman-tests-debuginfo-5.4.0-15.el10_0.2.s390x.rpm SHA-256: b9352458d547d8bd620b15f96e159cd7cae08c857abbde14f9892f3543bcaaca Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 SRPM aarch64 podman-debuginfo-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 989023a7ef0a056bee25e2ef52276deb5b39800fef63687f355aeefa6a338d6a podman-debugsource-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 14e002dfd253a443e726935dbe430b26265659093290a5c3aacdf2c420d640c9 podman-remote-debuginfo-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: bc4451e3df7a6e796110f604b50fe1042d41beece18fcfcab81f66697427da8f podman-tests-5.4.0-15.el10_0.2.aarch64.rpm SHA-256: 67ef