SB2025080545 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.18

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025080545

SB2025080545 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.18

Published: August 5, 2025

Security Bulletin ID SB2025080545
Severity
High
Patch available
YES
Number of vulnerabilities 12
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 17% Low 83%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.


1) Link following (CVE-ID: CVE-2024-45339)

The vulnerability allows a local user to overwrite arbitrary files on the system.

The vulnerability exists due to insecure link following when writing log files. A local user can point a symbolic link to a critical file on the system and overwrite it with the log data.


2) Input validation error (CVE-ID: CVE-2023-52933)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the squashfs_xattr_lookup() function in fs/squashfs/xattr_id.c. A local user can perform a denial of service (DoS) attack.


3) Off-by-one (CVE-ID: CVE-2024-52533)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Integer overflow (CVE-ID: CVE-2025-4373)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the g_string_insert_unichar() function in glib/gstring.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Use-after-free (CVE-ID: CVE-2025-21759)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mld_send_cr() and igmp6_send() functions in net/ipv6/mcast.c. A local user can escalate privileges on the system.


6) Use-after-free (CVE-ID: CVE-2025-22004)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lec_send() function in net/atm/lec.c. A local user can escalate privileges on the system.


7) Use-after-free (CVE-ID: CVE-2025-22121)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ext4_xattr_check_block(), __xattr_check_inode(), ext4_xattr_ibody_get(), ext4_xattr_ibody_list(), ext4_get_inode_usage(), ext4_xattr_ibody_find() and sizeof() functions in fs/ext4/xattr.c, within the ext4_iget_extra_inode() function in fs/ext4/inode.c. A local user can escalate privileges on the system.


8) Use-after-free (CVE-ID: CVE-2025-23150)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the do_split() function in fs/ext4/namei.c. A local user can escalate privileges on the system.


9) Use-after-free (CVE-ID: CVE-2025-37738)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ext4_xattr_inode_dec_ref_all() function in fs/ext4/xattr.c. A local user can escalate privileges on the system.


10) Out-of-bounds write (CVE-ID: CVE-2025-38110)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds write within the __mdiobus_c45_read() and __mdiobus_c45_write() functions in drivers/net/phy/mdio_bus.c. A local user can execute arbitrary code.


11) Race condition (CVE-ID: CVE-2025-40909)

The vulnerability allows a local user to tamper with application's behavior.

The vulnerability exists due to a race condition if a directory handle is open at thread creation. A local user can exploit the race and force the application to load code or access files from unexpected location.


12) Integer overflow (CVE-ID: CVE-2025-47268)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an integer overflow within the ping command when handling ICMP Echo Reply packets. A remote attacker can trick the victim to ping a malicious server, trigger an integer overflow and crash the application. 


Remediation

Install update from vendor's website.

References