RHSA-2025:23204 | High | CVSS 8.8

Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (CUDA)

Published: December 15, 2025
Last Modified: June 3, 2026

🔗 CVE IDs covered (11)

📋 Description

- CVE-2025-9230 — openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
- CVE-2025-9714 — libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
- CVE-2025-22868 — golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws
- CVE-2025-22869 — golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh
- CVE-2025-52565 — runc: container escape with malicious config due to /dev/console mount and related races
- CVE-2025-59375 — firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
- CVE-2025-62164 — vllm: VLLM deserialization vulnerability leading to DoS and potential RCE
- CVE-2025-62372 — vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs
- CVE-2025-62593 — ray: Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack
- CVE-2025-66448 — vllm: vLLM: Remote Code Execution via malicious model configuration
- CVE-2025-66506 — github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token

🔗 References (15)