Overview

File _patchinfo of Package patchinfo.41273

<patchinfo incident="41273">
  <issue tracker="cve" id="2025-52565"/>
  <issue tracker="cve" id="2025-52881"/>
  <issue tracker="cve" id="2025-31133"/>
  <issue tracker="bnc" id="1252543">podman &amp; buildah with runc 1.3.2 fail with lots of warnings as rootless</issue>
  <issue tracker="bnc" id="1252376">VUL-0: CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: podman: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files</issue>
  <issue tracker="bnc" id="1248988">catatonit missing in /usr/libexec/podman/</issue>
  <packager>danishprakash</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for podman</summary>
  <description>This update for podman fixes the following issues:

- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252376)
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252376)
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252376)
    
Other fixes:
    
- Fix: podman and buildah with runc 1.3.2 fail with lots of warnings as rootless (bsc#1252543)
- Add symlink to catatonit in /usr/libexec/podman (bsc#1248988)

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places