Red Hat Security Advisory: Red Hat Ceph Storage
🔗 CVE IDs covered (12)
📋 Description
CVE-2022-29458 — ncurses: segfaulting OOB read CVE-2024-56433 — shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2025-6395 — gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() CVE-2025-6965 — sqlite: Integer Truncation in SQLite CVE-2025-8058 — glibc: Double free in glibc CVE-2025-9230 — openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-11561 — sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-32414 — libxml2: Out-of-Bounds Read in libxml2 CVE-2025-32415 — libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables CVE-2025-32988 — gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32989 — gnutls: Vulnerability in GnuTLS SCT extension parsing CVE-2025-32990 — gnutls: Vulnerability in GnuTLS certtool template parsing
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2025:22529
- externalhttps://access.redhat.com/security/cve/CVE-2022-29458
- externalhttps://access.redhat.com/security/cve/CVE-2024-56433
- externalhttps://access.redhat.com/security/cve/CVE-2025-11561
- externalhttps://access.redhat.com/security/cve/CVE-2025-32414
- externalhttps://access.redhat.com/security/cve/CVE-2025-32415
- externalhttps://access.redhat.com/security/cve/CVE-2025-32988
- externalhttps://access.redhat.com/security/cve/CVE-2025-32989
- externalhttps://access.redhat.com/security/cve/CVE-2025-32990
- externalhttps://access.redhat.com/security/cve/CVE-2025-6395
- externalhttps://access.redhat.com/security/cve/CVE-2025-6965
- externalhttps://access.redhat.com/security/cve/CVE-2025-8058
- externalhttps://access.redhat.com/security/cve/CVE-2025-9230
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22529.json