SB2025043009 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.14

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025043009

SB2025043009 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.14

Published: April 30, 2025

Security Bulletin ID SB2025043009
Severity
High
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 27% Medium 55% Low 18%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2025-30204)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the parse.ParseUnverified function when parsing authorization header. A remote attacker can send a specially crafted HTTP response to the application, trigger resource exhaustion and perform a denial of service (DoS) attack.


2) Use of uninitialized variable (CVE-ID: CVE-2024-26147)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of an uninitialized variable when using the LoadIndexFile or DownloadIndexFile functions in the repo package or the LoadDir function in the plugin package. If index.yaml file or a plugins plugin.yaml file are missing in the repository, the application crashes.


3) Out-of-bounds read (CVE-ID: CVE-2024-53150)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DESC_LENGTH_CHECK(), validate_clock_source() and validate_clock_selector() functions in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.


4) Information disclosure (CVE-ID: CVE-2025-29781)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to the Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD. A local user can gain unauthorized access to sensitive information on the system.


5) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2024-2236)

The vulnerability allows a remote attacker to perform timing attack.

The vulnerability exists due to an error in libgcrypt's RSA implementation. A remote attacker can initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.


6) Stack-based buffer overflow (CVE-ID: CVE-2024-8176)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling XML content. A remote attacker can pass specially crafted XML content to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


7) Resource exhaustion (CVE-ID: CVE-2024-12133)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources processing a large number of SEQUENCE OF or SET OF elements in a certificate. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


8) Resource exhaustion (CVE-ID: CVE-2024-12243)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to libtasn1 does not properly control consumption of internal resources when decoding certain DER-encoded certificate data. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


9) Use-after-free (CVE-ID: CVE-2024-55549)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in xsltGetInheritedNsList. A remote attacker can pass specially crafted input to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


10) Buffer overflow (CVE-ID: CVE-2025-0395)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when the assert() function fails. A remote attacker can trigger memory corruption and perform a denial of service (DoS) attack.


11) Security features bypass (CVE-ID: CVE-2025-0650)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper handling of UDP packets. A remote attacker can send specially crafted UDP packets that bypass egress access control lists (ACLs) in OVN installations and gain unauthorized access to virtual machines and containers running on the OVN network.

Successful exploitation of the vulnerability requires that ACLs on OVN installations are configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured.


Remediation

Install update from vendor's website.

References