This site requires JavaScript to be enabled to function correctly, please enable it.
Summary:
CVE-2026-39828 podman: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all]
Product:
[Fedora] Fedora
Reporter:
Isaiah Johnson <isjohnso>
Component:
podman Assignee:
Lokesh Mandvekar <lsm5>
Status:
CLOSED
NOTABUG
QA Contact:
Fedora Extras Quality Assurance <extras-qa>
Severity:
high
Docs Contact:
Priority:
high
Version:
rawhide CC:
bbaude, debarshir, dwalsh, go-sig, jnovy, lsm5, mboddu, mheon, nsella, patrick, pholzing, suraj.ghimire7
Target Milestone:
--- Keywords:
Security, SecurityTracking
Target Release:
---
Hardware:
Unspecified
OS:
Unspecified
Whiteboard:
{"flaws": ["02803e63-7960-44ab-924d-a494ff5d30d3"]}
Fixed In Version:
Doc Type:
---
Doc Text:
Story Points:
---
Clone Of:
Environment:
Last Closed:
2026-06-17 17:27:50 UTC
Type:
---
Regression:
---
Mount Type:
---
Documentation:
---
CRM:
Verified Versions:
Category:
---
oVirt Team:
---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:
---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:
2480687