SB2025021332 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Use of Uninitialized Variable (CVE-ID: CVE-2024-12085)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to information leak when comparing file checksums. A remote attacker can pass specially crafted data to the daemon and read 1 byte of uninitialized memory from stack.

2) Out-of-bounds write (CVE-ID: CVE-2024-53104)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited in the wild.

3) Code Injection (CVE-ID: CVE-2024-52336)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation within the instance_create() D-Bus function. A local user can execute arbitrary script with root privileges.

4) Improper Output Neutralization for Logs (CVE-ID: CVE-2024-52337)

The vulnerability allows a local user to spoof contents of log files.

The vulnerability exists due to improper input validation when handling log API method parameters from the D-Bus interface. A local user can pass specially crafted input into the log file and spoof its content.

5) Security features bypass (CVE-ID: CVE-2024-56326)

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists in the way the Jinja sandboxed environment detects calls to str.format.  A local user with the ability to control the contents of a template can bypass sandbox restrictions.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2025:1242