RHSA-2025:2441HighCVSS 8.6
Red Hat Security Advisory: OpenShift Container Platform 4.12.74 bug fix and security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2024-11187 — bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11218 — podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile CVE-2024-21626 — runc: file descriptor leak CVE-2024-45338 — golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html CVE-2024-50302 — kernel: HID: core: zero-initialize the report buffer
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2025:2441
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/security/vulnerabilities/RHSB-2024-001
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2258725
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2326231
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2327169
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2333122
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2342879
- externalhttps://issues.redhat.com/browse/OCPBUGS-48086
- externalhttps://issues.redhat.com/browse/OCPBUGS-49644
- externalhttps://issues.redhat.com/browse/OCPBUGS-50880
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2441.json