Red Hat Security Advisory: buildah security update
Multiple security vulnerabilities have been identified and fixed in the buildah package used in Red Hat Enterprise Linux 9. 6 Extended Update Support. These include issues in golang components such as SSH client panic (CVE-2025-47913), denial of service via crafted certificates (CVE-2025-61729), memory exhaustion in URL parsing (CVE-2025-61726), incorrect TLS session resumption validation (CVE-2025-68121), and incorrect parsing of IPv6 host literals (CVE-2026-25679). The update addresses these vulnerabilities to improve the security of container image building processes. Red Hat has released updated packages to remediate these issues.
AI Analysis
Technical Summary
The buildah package facilitates building OCI and Docker container images and has multiple security vulnerabilities stemming from underlying golang libraries. These include an SSH client panic caused by unexpected SSH_AGENT_SUCCESS messages, denial of service through excessive resource consumption from crafted certificates, memory exhaustion during URL query parameter parsing, improper TLS session resumption validation, and incorrect parsing of IPv6 host literals. These vulnerabilities affect Red Hat Enterprise Linux 9.6 Extended Update Support and related variants. Red Hat Product Security has issued an advisory (RHSA-2026:11749) with updated buildah packages that fix these issues. The advisory rates the update as Important and provides detailed references for patching.
Potential Impact
The vulnerabilities collectively could lead to denial of service conditions, memory exhaustion, unexpected client crashes, and incorrect TLS session handling when using buildah for container image building. These issues may disrupt container build operations or compromise the integrity of TLS sessions. No known exploits in the wild have been reported. The impact is rated as high by the source, indicating significant security concerns if unpatched.
Mitigation Recommendations
Red Hat has released updated buildah packages for Red Hat Enterprise Linux 9.6 Extended Update Support and related variants that address these vulnerabilities. Users should apply the official Red Hat update as described in advisory RHSA-2026:11749 to remediate these issues. Detailed instructions and updated packages are available at https://access.redhat.com/articles/11258. No additional mitigation steps are indicated beyond applying the provided patches.
Red Hat Security Advisory: buildah security update
Description
Multiple security vulnerabilities have been identified and fixed in the buildah package used in Red Hat Enterprise Linux 9. 6 Extended Update Support. These include issues in golang components such as SSH client panic (CVE-2025-47913), denial of service via crafted certificates (CVE-2025-61729), memory exhaustion in URL parsing (CVE-2025-61726), incorrect TLS session resumption validation (CVE-2025-68121), and incorrect parsing of IPv6 host literals (CVE-2026-25679). The update addresses these vulnerabilities to improve the security of container image building processes. Red Hat has released updated packages to remediate these issues.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The buildah package facilitates building OCI and Docker container images and has multiple security vulnerabilities stemming from underlying golang libraries. These include an SSH client panic caused by unexpected SSH_AGENT_SUCCESS messages, denial of service through excessive resource consumption from crafted certificates, memory exhaustion during URL query parameter parsing, improper TLS session resumption validation, and incorrect parsing of IPv6 host literals. These vulnerabilities affect Red Hat Enterprise Linux 9.6 Extended Update Support and related variants. Red Hat Product Security has issued an advisory (RHSA-2026:11749) with updated buildah packages that fix these issues. The advisory rates the update as Important and provides detailed references for patching.
Potential Impact
The vulnerabilities collectively could lead to denial of service conditions, memory exhaustion, unexpected client crashes, and incorrect TLS session handling when using buildah for container image building. These issues may disrupt container build operations or compromise the integrity of TLS sessions. No known exploits in the wild have been reported. The impact is rated as high by the source, indicating significant security concerns if unpatched.
Mitigation Recommendations
Red Hat has released updated buildah packages for Red Hat Enterprise Linux 9.6 Extended Update Support and related variants that address these vulnerabilities. Users should apply the official Red Hat update as described in advisory RHSA-2026:11749 to remediate these issues. Detailed instructions and updated packages are available at https://access.redhat.com/articles/11258. No additional mitigation steps are indicated beyond applying the provided patches.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:11749
- Cve Count
- 5
- Additional Cves
- ["CVE-2025-61726","CVE-2025-61729","CVE-2025-68121","CVE-2026-25679"]
- Cvss Version
- null
Threat ID: 6a160965e29bf47b5062a4d3
Added to database: 5/26/2026, 8:58:13 PM
Last enriched: 5/27/2026, 1:49:51 AM
Last updated: 5/27/2026, 4:49:14 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.