Red Hat Security Advisory: buildah security update
Multiple security vulnerabilities have been identified and addressed in the buildah package used in Red Hat Enterprise Linux 9. 0 and related distributions. These issues include denial of service via crafted certificates and TLS key update messages, memory exhaustion during URL parsing, incorrect IPv6 host literal parsing, unexpected TLS session resumption, and an SSH client panic. The vulnerabilities affect components of the Go programming language libraries used by buildah. Red Hat has released an important security update that fixes these issues.
AI Analysis
Technical Summary
The buildah package, which facilitates building OCI container images on Red Hat Enterprise Linux 9.0, contains multiple vulnerabilities stemming from underlying Go libraries. These include CVE-2025-47913 (SSH client panic due to unexpected SSH_AGENT_SUCCESS), CVE-2025-61729 (denial of service via crafted certificates in crypto/x509), CVE-2025-61726 (memory exhaustion in net/url query parsing), CVE-2025-68121 (unexpected TLS session resumption), CVE-2026-25679 (incorrect IPv6 host literal parsing in net/url), and CVE-2026-32283 (denial of service via multiple TLS 1.3 key update messages). Red Hat has issued an important security advisory (RHSA-2026:16102) with updated packages addressing these vulnerabilities.
Potential Impact
These vulnerabilities can lead to denial of service conditions through resource exhaustion or unexpected behavior in SSH and TLS sessions, potentially disrupting container image building processes. Incorrect parsing of network addresses and TLS session resumption could also affect the security and stability of applications relying on buildah. No known exploits in the wild have been reported. The impact is rated as high by Red Hat Product Security.
Mitigation Recommendations
Red Hat has released updated buildah packages for Red Hat Enterprise Linux 9.0 and related variants that address these vulnerabilities. Users should apply the security update as detailed in Red Hat advisory RHSA-2026:16102 and the referenced article https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual update of the affected packages. There are no indications that no action is required or that these issues are already mitigated without patching.
Red Hat Security Advisory: buildah security update
Description
Multiple security vulnerabilities have been identified and addressed in the buildah package used in Red Hat Enterprise Linux 9. 0 and related distributions. These issues include denial of service via crafted certificates and TLS key update messages, memory exhaustion during URL parsing, incorrect IPv6 host literal parsing, unexpected TLS session resumption, and an SSH client panic. The vulnerabilities affect components of the Go programming language libraries used by buildah. Red Hat has released an important security update that fixes these issues.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The buildah package, which facilitates building OCI container images on Red Hat Enterprise Linux 9.0, contains multiple vulnerabilities stemming from underlying Go libraries. These include CVE-2025-47913 (SSH client panic due to unexpected SSH_AGENT_SUCCESS), CVE-2025-61729 (denial of service via crafted certificates in crypto/x509), CVE-2025-61726 (memory exhaustion in net/url query parsing), CVE-2025-68121 (unexpected TLS session resumption), CVE-2026-25679 (incorrect IPv6 host literal parsing in net/url), and CVE-2026-32283 (denial of service via multiple TLS 1.3 key update messages). Red Hat has issued an important security advisory (RHSA-2026:16102) with updated packages addressing these vulnerabilities.
Potential Impact
These vulnerabilities can lead to denial of service conditions through resource exhaustion or unexpected behavior in SSH and TLS sessions, potentially disrupting container image building processes. Incorrect parsing of network addresses and TLS session resumption could also affect the security and stability of applications relying on buildah. No known exploits in the wild have been reported. The impact is rated as high by Red Hat Product Security.
Mitigation Recommendations
Red Hat has released updated buildah packages for Red Hat Enterprise Linux 9.0 and related variants that address these vulnerabilities. Users should apply the security update as detailed in Red Hat advisory RHSA-2026:16102 and the referenced article https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual update of the affected packages. There are no indications that no action is required or that these issues are already mitigated without patching.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:16102
- Cve Count
- 6
- Additional Cves
- ["CVE-2025-61726","CVE-2025-61729","CVE-2025-68121","CVE-2026-25679","CVE-2026-32283"]
- Cvss Version
- null
Threat ID: 6a16096ce29bf47b50632ce4
Added to database: 5/26/2026, 8:58:20 PM
Last enriched: 5/26/2026, 9:48:10 PM
Last updated: 5/27/2026, 4:48:43 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.