### Key Information

- **CVE ID**: CVE-2025-59088 (Bug 2393955)
- **Vulnerability Type**: Unauthenticated SSRF via Realm-Controlled DNS SRV
- **Priority**: High
- **Severity**: High
- **Reported Date**: 2025-09-08 21:33 UTC
- **Last Modified**: 2025-11-12 17:45 UTC
- **Description**: Unauthenticated clients can control the host and port of proxy connections by selecting a realm that publishes DNS SRV records. Because SRV auto-discovery is unbounded and the discovered targets are used without port/address policies or upstream response validation, server-side connections can be directed at hosts within trusted boundaries (including localhost and RFC1918 address space). The result is SSRF, data leakage, and source spoofing of outbound connections.
- **Affected Products**:
  - Red Hat Enterprise Linux 10
  - Red Hat Enterprise Linux 9
  - Red Hat Enterprise Linux 8
- **Fixes (RHSA)**:
  - RHSA-2025:21141
  - RHSA-2025:21142
  - RHSA-2025:21139
  - RHSA-2025:21138
  - RHSA-2025:21140

### Related RHSA Links

- [RHSA-2025:21141](https://access.redhat.com/errata/RHSA-2025:21141)
- [RHSA-2025:21142](https://access.redhat.com/errata/RHSA-2025:21142)
- [RHSA-2025:21139](https://access.redhat.com/errata/RHSA-2025:21139)
- [RHSA-2025:21138](https://access.redhat.com/errata/RHSA-2025:21138)
- [RHSA-2025:21140](https://access.redhat.com/errata/RHSA-2025:21140)
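The description above names the missing controls: a bound on SRV auto-discovery, and port/address policies on the targets it yields. The following is an added example of what such a policy layer looks like, written for this page and not taken from the affected software or from the RHSA fixes. The `SrvRecord`/`TargetPolicy` types, the `select_srv_targets` function and the sample records (`*.realm.example`, `10.20.0.0/16`, `fd00:20::/32`) are all constructed for illustration; real deployments would feed it records from an actual resolver and a policy derived from their own server subnets.

```python
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


# Constructed stand-in for a resolved SRV record: the SRV RDATA fields plus the
# A/AAAA answers already obtained for the target name (no live DNS is performed).
@dataclass(frozen=True)
class SrvRecord:
    priority: int
    weight: int
    port: int
    target: str
    addresses: tuple[str, ...]


@dataclass(frozen=True)
class TargetPolicy:
    """Operator-configured limits for SRV-discovered upstreams (hypothetical names)."""
    allowed_ports: frozenset[int]
    allowed_networks: tuple[str, ...]   # CIDR allowlist, e.g. the realm's own server subnets
    allowed_target_suffix: str          # discovered hostnames must end with this DNS suffix
    max_records: int = 8                # hard cap on records considered per lookup


def address_is_permitted(addr: str, policy: TargetPolicy) -> bool:
    """Deny loopback/link-local/multicast/unspecified, then require an allowlisted network."""
    ip = ipaddress.ip_address(addr)
    # Judge IPv4-mapped IPv6 (::ffff:a.b.c.d) by the embedded IPv4 address so the
    # checks below cannot be sidestepped by re-encoding a v4 address as v6.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if ip.is_loopback or ip.is_link_local or ip.is_multicast or ip.is_unspecified:
        return False
    # Positive allowlist: an address is usable only if an operator-configured network contains it.
    return any(ip in ipaddress.ip_network(net) for net in policy.allowed_networks)


def select_srv_targets(records, policy: TargetPolicy):
    """Return (accepted, rejected): accepted is a list of (host, port) in SRV order,
    rejected is a list of (host, port, reason) explaining every record that was dropped."""
    accepted: list[tuple[str, int]] = []
    rejected: list[tuple[str, int, str]] = []
    suffix = policy.allowed_target_suffix.lower()
    if not suffix.startswith("."):
        suffix = "." + suffix            # avoid "evilrealm.example" matching "realm.example"

    ordered = sorted(records, key=lambda r: (r.priority, -r.weight))
    for rec in ordered[: policy.max_records]:
        host = rec.target.rstrip(".").lower()
        if not host.endswith(suffix):
            rejected.append((host, rec.port, "target outside allowed suffix"))
            continue
        if rec.port not in policy.allowed_ports:
            rejected.append((host, rec.port, "port not allowed"))
            continue
        bad = [a for a in rec.addresses if not address_is_permitted(a, policy)]
        if bad or not rec.addresses:
            rejected.append((host, rec.port, f"address policy: {bad or 'no addresses'}"))
            continue
        accepted.append((host, rec.port))
    # Everything beyond the cap is dropped unconditionally: the lookup is bounded.
    for rec in ordered[policy.max_records:]:
        rejected.append((rec.target.rstrip(".").lower(), rec.port, "over max_records cap"))
    return accepted, rejected


# Constructed sample policy and records exercising each rejection path.
SAMPLE_POLICY = TargetPolicy(
    allowed_ports=frozenset({443}),
    allowed_networks=("10.20.0.0/16", "fd00:20::/32"),
    allowed_target_suffix=".realm.example",
    max_records=6,
)

SAMPLE_RECORDS = (
    SrvRecord(10, 50, 443, "srv1.realm.example.", ("10.20.1.5",)),
    SrvRecord(10, 50, 443, "srv2.realm.example.", ("fd00:20::5",)),
    SrvRecord(20, 0, 443, "srv3.realm.example.", ("127.0.0.1",)),             # loopback
    SrvRecord(20, 0, 443, "srv4.realm.example.", ("::ffff:169.254.1.1",)),    # mapped link-local
    SrvRecord(30, 0, 8443, "srv5.realm.example.", ("10.20.1.9",)),            # port not allowed
    SrvRecord(30, 0, 443, "srv6.attacker.example.", ("10.20.1.10",)),         # wrong suffix
    SrvRecord(40, 0, 443, "srv7.realm.example.", ("10.20.1.11",)),            # beyond the cap
)

if __name__ == "__main__":
    ok, dropped = select_srv_targets(SAMPLE_RECORDS, SAMPLE_POLICY)
    print("accepted:", ok)
    for host, port, reason in dropped:
        print(f"rejected {host}:{port}: {reason}")
```

The ordering matters: the suffix and port checks run before any address is examined, the address check is a positive allowlist rather than a denylist of "bad" ranges, and the record cap is applied after sorting so a realm publishing hundreds of SRV records cannot force unbounded work or fan-out.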