What is RHSA-2025:22548?

RHSA-2025:22548 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat Ceph Storage

Which CVE IDs does RHSA-2025:22548 cover?

RHSA-2025:22548 covers the following CVE IDs: CVE-2025-11230, CVE-2025-11561, CVE-2024-56433, CVE-2025-6965, CVE-2025-9230. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2025:22548?

RHSA-2025:22548 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHSA-2025:22548HighCVSS 8.8

Red Hat Security Advisory: Red Hat Ceph Storage

Vendor

Red Hat Product Security

Published

December 2, 2025

Last Modified

June 3, 2026

🔗 CVE IDs covered (5)

CVE-2025-11230 →CVE-2025-11561 →CVE-2024-56433 →CVE-2025-6965 →CVE-2025-9230 →

📋 Description

CVE-2024-56433 — shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2025-6965 — sqlite: Integer Truncation in SQLite CVE-2025-9230 — openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-11230 — haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11561 — sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems

🔗 References (9)

selfhttps://access.redhat.com/errata/RHSA-2025:22548
externalhttps://access.redhat.com/security/cve/cve-2024-56433
externalhttps://access.redhat.com/security/cve/cve-2025-9230
externalhttps://access.redhat.com/security/cve/cve-2025-6965
externalhttps://access.redhat.com/security/cve/cve-2025-11561
externalhttps://access.redhat.com/security/cve/CVE-2025-11230
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22548.json