SB2025050947 - Multiple vulnerabilities in Red Hat Satellite

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2024-56374)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due lack of upper-bound limit enforcement in strings passed when performing IPv6 validation in clean_ipv6_address() and is_valid_ipv6_address() functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

2) Security features bypass (CVE-ID: CVE-2024-56326)

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists in the way the Jinja sandboxed environment detects calls to str.format.  A local user with the ability to control the contents of a template can bypass sandbox restrictions.

3) Path traversal (CVE-ID: CVE-2025-27610)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in Rack::Static. A remote attacker can read arbitrary files on the system.

4) Code Injection (CVE-ID: CVE-2025-27407)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when loading a malicious schema definition in "GraphQL::Schema.from_introspection". A remote attacker can execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2025:4576