Red Hat Security Advisory: podman security update
This advisory addresses security vulnerabilities in the podman container management tool used in Red Hat Enterprise Linux 9. 4 Extended Update Support. The update fixes two vulnerabilities: CVE-2025-52881, a container escape and denial of service issue in runc caused by arbitrary write gadgets and procfs write redirects; and CVE-2025-58183, an unbounded memory allocation vulnerability in the Go archive/tar package when parsing GNU sparse maps. These issues could allow an attacker to escape container isolation or cause denial of service. Red Hat has released updated packages to remediate these vulnerabilities.
AI Analysis
Technical Summary
The podman tool, part of the libpod library for managing container pods, is affected by two security flaws. CVE-2025-52881 involves runc, where arbitrary write gadgets and procfs write redirects can lead to container escape and denial of service. CVE-2025-58183 is a vulnerability in the Go archive/tar package causing unbounded memory allocation when parsing GNU sparse maps, potentially leading to denial of service. These vulnerabilities affect multiple Red Hat Enterprise Linux 9.4 variants and related podman packages. Red Hat has issued an important security update (RHSA-2026:0424) that includes fixes for these issues.
Potential Impact
Successful exploitation of CVE-2025-52881 could allow an attacker to escape container isolation and cause denial of service, compromising container security boundaries. CVE-2025-58183 could result in denial of service due to unbounded memory allocation during tar archive processing. Both vulnerabilities pose significant risks to containerized environments managed by podman on affected Red Hat Enterprise Linux versions.
Mitigation Recommendations
Red Hat has released updated podman packages that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the security update RHSA-2026:0424 promptly. Detailed update instructions are available at https://access.redhat.com/articles/11258. No additional mitigations are required beyond applying the official patch.
Red Hat Security Advisory: podman security update
Description
This advisory addresses security vulnerabilities in the podman container management tool used in Red Hat Enterprise Linux 9. 4 Extended Update Support. The update fixes two vulnerabilities: CVE-2025-52881, a container escape and denial of service issue in runc caused by arbitrary write gadgets and procfs write redirects; and CVE-2025-58183, an unbounded memory allocation vulnerability in the Go archive/tar package when parsing GNU sparse maps. These issues could allow an attacker to escape container isolation or cause denial of service. Red Hat has released updated packages to remediate these vulnerabilities.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The podman tool, part of the libpod library for managing container pods, is affected by two security flaws. CVE-2025-52881 involves runc, where arbitrary write gadgets and procfs write redirects can lead to container escape and denial of service. CVE-2025-58183 is a vulnerability in the Go archive/tar package causing unbounded memory allocation when parsing GNU sparse maps, potentially leading to denial of service. These vulnerabilities affect multiple Red Hat Enterprise Linux 9.4 variants and related podman packages. Red Hat has issued an important security update (RHSA-2026:0424) that includes fixes for these issues.
Potential Impact
Successful exploitation of CVE-2025-52881 could allow an attacker to escape container isolation and cause denial of service, compromising container security boundaries. CVE-2025-58183 could result in denial of service due to unbounded memory allocation during tar archive processing. Both vulnerabilities pose significant risks to containerized environments managed by podman on affected Red Hat Enterprise Linux versions.
Mitigation Recommendations
Red Hat has released updated podman packages that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the security update RHSA-2026:0424 promptly. Detailed update instructions are available at https://access.redhat.com/articles/11258. No additional mitigations are required beyond applying the official patch.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:0424
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-58183"]
- Cvss Version
- null
Threat ID: 6a160978e29bf47b50644658
Added to database: 5/26/2026, 8:58:32 PM
Last enriched: 5/26/2026, 10:18:06 PM
Last updated: 5/27/2026, 4:52:26 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.