Key Vulnerability Information

Vulnerability Overview

RHSA-2025:3301: OpenShift Container Platform 4.16.38 bug fix and security update

Scope of Impact

- Severity: Important
- Product: Red Hat OpenShift Container Platform 4.16

Main Vulnerabilities Fixed

- CVE-2024-9675: Buildah allows arbitrary directory mount
- CVE-2024-9676: Podman: CRI-O: symbolic traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)
- CVE-2024-36620: kernel: NULL Pointer Dereference in Moby Moby
- CVE-2024-50302: kernel: HID core: zero-initialize the report buffer
- CVE-2025-0624: libnss2: net: Out-of-bounds write in grub_net_search_config_file()
- CVE-2025-24928: libnss2: Stack-based buffer overflow in xmlSprintfElements of libxml2
- CVE-2025-27444: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service

Solution

Users should upgrade to the latest version of OpenShift Container Platform 4.16 and apply this security update. Reference documentation and upgrade guides are available from the official Red Hat documentation.

Affected Products

- Red Hat OpenShift Container Platform 4.16 for RHEL 9 s390x, aarch64
- Red Hat OpenShift Container Platform 4.16 for RHEL 9 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.16 for RHEL 9 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.16 for RHEL 9 aarch64

Additional Information

The complete list of vulnerabilities and detailed information can be found in the reference links.