SB2026011563 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.16

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026011563

SB2026011563 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.16

Published: January 15, 2026

Security Bulletin ID SB2026011563
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% Medium 86%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Double free (CVE-ID: CVE-2025-5914)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the archive_read_format_rar_seek_data() function. A remote attacker can pass specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Resource exhaustion (CVE-ID: CVE-2025-8677)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when querying for data within a specially crafted zone containing certain malformed DNSKEY records. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


3) Insufficient verification of data authenticity (CVE-ID: CVE-2025-40778)

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to insufficient verification of data authenticity when accepting records from answers. A remote attacker can inject forged data into the cache leading to DNS cache poisoning. 


4) Predictable Seed in Pseudo-Random Number Generator (PRNG) (CVE-ID: CVE-2025-40780)

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to weakness in the Pseudo Random Number Generator (PRNG). A remote attacker can predict the source port and query ID that BIND will use and perform DNS cache poisoning attacks.


5) Resource exhaustion (CVE-ID: CVE-2025-59375)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger large dynamic memory allocations via a small document and perform a denial of service (DoS) attack.


6) Out-of-bounds read (CVE-ID: CVE-2025-5318)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the sftp_handle() function. A remote user can trigger an out-of-bounds read error and read contents of memory on the system.


7) Use-after-free (CVE-ID: CVE-2025-11234)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in websocket handshake code in /io/channel-websock.c. A remote attacker with network access to the VNC WebSocket port can perform a denial of service during the WebSocket handshake prior to the VNC client authentication.


Remediation

Install update from vendor's website.

References