Issued:
2026-05-19
Updated:
2026-05-19

RHSA-2026:18913 - Important: containernetworking-plugins security update


Synopsis

Important: containernetworking-plugins security update

Type/Severity

Security Advisory Important

Topic

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

Security Fix(es):

  • crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)

  • golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)

  • crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for x86_649x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions9.8x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support9.8x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle9.8x86_64
Red Hat Enterprise Linux for Power, little endian9ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support9.8ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle9.8ppc64le
Red Hat Enterprise Linux for IBM z Systems9s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support9.8s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle9.8s390x
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates9.8s390x
Red Hat Enterprise Linux for ARM 649aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support9.8aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle9.8aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates9.8aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions9.8ppc64le

Updated Packages

  • containernetworking-plugins-1.9.0-2.el9.ppc64le.rpm
  • containernetworking-plugins-1.9.0-2.el9.s390x.rpm
  • containernetworking-plugins-1.9.0-2.el9.aarch64.rpm
  • containernetworking-plugins-debuginfo-1.9.0-2.el9.aarch64.rpm
  • containernetworking-plugins-debuginfo-1.9.0-2.el9.ppc64le.rpm
  • containernetworking-plugins-debuginfo-1.9.0-2.el9.x86_64.rpm
  • containernetworking-plugins-debugsource-1.9.0-2.el9.aarch64.rpm
  • containernetworking-plugins-debugsource-1.9.0-2.el9.s390x.rpm
  • containernetworking-plugins-debugsource-1.9.0-2.el9.x86_64.rpm
  • containernetworking-plugins-1.9.0-2.el9.x86_64.rpm
  • containernetworking-plugins-debuginfo-1.9.0-2.el9.s390x.rpm
  • containernetworking-plugins-1.9.0-2.el9.src.rpm
  • containernetworking-plugins-debugsource-1.9.0-2.el9.ppc64le.rpm

Fixes

CVEs

References


Additional information