SB2025121101 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.16
Published: December 11, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Improper privilege management (CVE-ID: CVE-2025-11561)
CWE-ID: CWE-269 - Improper Privilege Management
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Green
The vulnerability allows a remote user to bypass authorization checks.
The vulnerability exists due to improper privilege management within the Active Directory integration feature. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
2) Creation of Temporary File With Insecure Permissions (CVE-ID: CVE-2025-4953)
CWE-ID: CWE-378 - Creation of Temporary File With Insecure Permissions
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to data written to RUN --mount=type=bind mounts during the podman build is not discarded. A local user can gain access to temporary files.
Remediation
Install update from vendor's website.