Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA)
🔗 CVE IDs covered (9)
📋 Description
CVE-2020-23922 — giflib: out-of-bounds read in DumpScreen2RGB() in gif2rgb.c in gif2rgb tool CVE-2022-32189 — golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-32296 — kernel: insufficient TCP source port randomness leads to client identification CVE-2023-6349 — libvpx: Heap buffer overflow related to VP9 encoding CVE-2023-39327 — openjpeg: Malicious files can cause the program to enter a large loop CVE-2023-39329 — openjpeg: Resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c CVE-2024-45341 — golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints CVE-2024-50613 — libsndfile: Reachable assertion in mpeg_l3_encoder_close CVE-2026-25990 — pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2026:4128
- externalhttps://access.redhat.com/security/cve/CVE-2020-23922
- externalhttps://access.redhat.com/security/cve/CVE-2022-32189
- externalhttps://access.redhat.com/security/cve/CVE-2022-32296
- externalhttps://access.redhat.com/security/cve/CVE-2023-39327
- externalhttps://access.redhat.com/security/cve/CVE-2023-39329
- externalhttps://access.redhat.com/security/cve/CVE-2023-6349
- externalhttps://access.redhat.com/security/cve/CVE-2024-45341
- externalhttps://access.redhat.com/security/cve/CVE-2024-50613
- externalhttps://access.redhat.com/security/cve/CVE-2026-25990
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://www.redhat.com/en/products/ai/inference-server
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4128.json