RHSA-2025:3798HighCVSS 8.6
Red Hat Security Advisory: OpenShift Container Platform 4.17.25 bug fix and security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2022-49043 — libxml: use-after-free in xmlXIncludeAddNode CVE-2024-11218 — podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile CVE-2025-29781 — baremetal-operator/apis: Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD CVE-2025-30204 — golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2025:3798
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2326231
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2342118
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2353041
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2354195
- externalhttps://issues.redhat.com/browse/OCPBUGS-47471
- externalhttps://issues.redhat.com/browse/OCPBUGS-52188
- externalhttps://issues.redhat.com/browse/OCPBUGS-53415
- externalhttps://issues.redhat.com/browse/OCPBUGS-54211
- externalhttps://issues.redhat.com/browse/OCPBUGS-54325
- externalhttps://issues.redhat.com/browse/OCPBUGS-54343
- externalhttps://issues.redhat.com/browse/OCPBUGS-54542
- externalhttps://issues.redhat.com/browse/OCPBUGS-54631
- externalhttps://issues.redhat.com/browse/OCPBUGS-54693
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3798.json