Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2024-11187 CVE-2024-11218 CVE-2024-21626 CVE-2024-45338 CVE-2024-50302 CVE-2020-11023 CVE-2023-52922 CVE-2024-53197 CVE-2025-1094 CVE-2025-1244 |
| CWE-ID | CWE-400 CWE-264 CWE-254 CWE-401 CWE-79 CWE-416 CWE-787 CWE-20 CWE-78 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #3 is available. Vulnerability #5 is being exploited in the wild. Vulnerability #6 is being exploited in the wild. Vulnerability #8 is being exploited in the wild. Vulnerability #9 is being exploited in the wild. |
| Vulnerable software |
Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU103436
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-11187
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU103500
Risk: Medium
CVSSv4.0: 2.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-11218
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions during the build process. A remote user can leverage usage of a --mount flag in RUN instructions in Containerfiles along with multi-stage builds with use of concurrently-executing build stages or multiple separate but concurrently-executing builds to expose content from the build host and perform read/write operations on the system with privileges of the podman system service.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Security features bypass
EUVDB-ID: #VU85991
Risk: High
CVSSv4.0: 7.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2024-21626
CWE-ID:
CWE-254 - Security Features
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an internal file descriptor leak that can cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace or a malicious image to allow a container process to gain access to the host filesystem through runc run. A remote attacker can trick the victim into loading a malicious image to bypass sandbox restrictions and execute arbitrary code on the host OS.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
4) Resource exhaustion
EUVDB-ID: #VU101868
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-45338
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in several Parse functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory leak
EUVDB-ID: #VU100611
Risk: Medium
CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2024-50302
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
Note, the vulnerability is being actively exploited in the wild against Android devices.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
6) Cross-site scripting
EUVDB-ID: #VU27519
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:A/U:Clear]
CVE-ID: CVE-2020-11023
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: Yes
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when passing <option> elements to jQuery’s DOM manipulation methods. A remote attacker can execute arbitrary JavaScript code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
7) Use-after-free
EUVDB-ID: #VU101033
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52922
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcm_release() function in net/can/bcm.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds write
EUVDB-ID: #VU102090
Risk: High
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2024-53197
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the affected system.
The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited against Android devices.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
9) Input validation error
EUVDB-ID: #VU103970
Risk: Critical
CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2025-1094
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient validation of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() and within the command line utility programs when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. A remote attacker can pass specially crafted input to the application and execute arbitrary SQL queries in the database.
Note, the vulnerability is being actively exploited in the wild.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
10) OS Command Injection
EUVDB-ID: #VU104117
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-1244
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when handling custom "man" URI schemes. A remote attacker can trick the victim into clicking on a specially crafted URL and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2025:2441
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
