Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-48379 (GCVE-0-2025-48379)
Vulnerability from cvelistv5 – Published: 2025-07-01 18:33 – Updated: 2025-07-01 19:42
VLAI?
EPSS
Title
Pillow Vulnerable to Write Buffer Overflow on BCn encoding
Summary
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
Severity ?
7.1 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| python-pillow | Pillow |
Affected:
>= 11.2.0, < 11.3.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-01T19:42:09.269034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T19:42:22.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Pillow",
"vendor": "python-pillow",
"versions": [
{
"status": "affected",
"version": "\u003e= 11.2.0, \u003c 11.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T18:33:30.687Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
},
{
"name": "https://github.com/python-pillow/Pillow/pull/9041",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"name": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"name": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
}
],
"source": {
"advisory": "GHSA-xg8h-j46f-w952",
"discovery": "UNKNOWN"
},
"title": "Pillow Vulnerable to Write Buffer Overflow on BCn encoding"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48379",
"datePublished": "2025-07-01T18:33:30.687Z",
"dateReserved": "2025-05-19T15:46:00.396Z",
"dateUpdated": "2025-07-01T19:42:22.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-48379\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-01T19:15:27.353\",\"lastModified\":\"2025-10-15T20:03:42.337\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.\"},{\"lang\":\"es\",\"value\":\"Pillow es una librer\u00eda de im\u00e1genes de Python. En las versiones 11.2.0 y anteriores a la 11.3.0, se produce un desbordamiento del b\u00fafer de mont\u00f3n al escribir una imagen suficientemente grande (m\u00e1s de 64k codificada con la configuraci\u00f3n predeterminada) en formato DDS, debido a que se escribe en un b\u00fafer sin comprobar el espacio disponible. Esto solo afecta a los usuarios que guardan datos no confiables como una imagen DDS comprimida. Este problema se ha corregido en la versi\u00f3n 11.3.0. \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:pillow:11.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F219D5-60A5-47BB-B062-F6B310B53376\"}]}]}],\"references\":[{\"url\":\"https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/python-pillow/Pillow/pull/9041\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/python-pillow/Pillow/releases/tag/11.3.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48379\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-01T19:42:09.269034Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-01T19:42:11.950Z\"}}], \"cna\": {\"title\": \"Pillow Vulnerable to Write Buffer Overflow on BCn encoding\", \"source\": {\"advisory\": \"GHSA-xg8h-j46f-w952\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"python-pillow\", \"product\": \"Pillow\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 11.2.0, \u003c 11.3.0\"}]}], \"references\": [{\"url\": \"https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952\", \"name\": \"https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/python-pillow/Pillow/pull/9041\", \"name\": \"https://github.com/python-pillow/Pillow/pull/9041\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4\", \"name\": \"https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/python-pillow/Pillow/releases/tag/11.3.0\", \"name\": \"https://github.com/python-pillow/Pillow/releases/tag/11.3.0\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-01T18:33:30.687Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-48379\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-01T19:42:22.348Z\", \"dateReserved\": \"2025-05-19T15:46:00.396Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-01T18:33:30.687Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
PYSEC-2025-61
Vulnerability from pysec - Published: 2025-07-01 19:15 - Updated: 2025-07-07 14:12
VLAI?
Details
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
Impacted products
| Name | purl | pillow | pkg:pypi/pillow |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pillow",
"purl": "pkg:pypi/pillow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "89f1f4626a2aaf5f3d5ca6437f41def2998fbe09"
},
{
"fixed": "ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
}
],
"repo": "https://github.com/python-pillow/pillow",
"type": "GIT"
},
{
"events": [
{
"introduced": "11.2.0"
},
{
"fixed": "11.3.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.2.0",
"11.2.1"
]
}
],
"aliases": [
"CVE-2025-48379",
"GHSA-xg8h-j46f-w952"
],
"details": "Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.",
"id": "PYSEC-2025-61",
"modified": "2025-07-07T14:12:46.226030Z",
"published": "2025-07-01T19:15:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
},
{
"type": "FIX",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
}
]
}
RHSA-2025:15843
Vulnerability from csaf_redhat - Published: 2025-09-15 16:14 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (AMD) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (AMD) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15843",
"url": "https://access.redhat.com/errata/RHSA-2025:15843"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15843.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)",
"tracking": {
"current_release_date": "2025-12-18T23:32:33+00:00",
"generator": {
"date": "2025-12-18T23:32:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15843",
"initial_release_date": "2025-09-15T16:14:09+00:00",
"revision_history": [
{
"date": "2025-09-15T16:14:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64",
"product_id": "registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64",
"product_identification_helper": {
"purl": "pkg:oci/instructlab-amd-rhel9@sha256%3Af34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756791391"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:14:09+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15843",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15843"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:14:09+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15843",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15843"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-amd-rhel9@sha256:f34417c39c2f3b78f306d4249e892a9edf61f2a88bb18a3484c1df9716bdd324_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15841
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15841",
"url": "https://access.redhat.com/errata/RHSA-2025:15841"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15841.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-18T23:32:26+00:00",
"generator": {
"date": "2025-12-18T23:32:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15841",
"initial_release_date": "2025-09-15T16:11:26+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-nvidia-rhel9@sha256%3A539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756799326"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"product_id": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-nvidia-rhel9@sha256%3A4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c?arch=arm64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756799326"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:26+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15841",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15841"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:26+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15841",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15841"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:4a40fcdfb64b4cec6dfb0d0ee5c475fc89124ce80d911dd85f5951238b6c980c_arm64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-nvidia-rhel9@sha256:539b3bb9fc9330fe7237b7292ce8b112a38dd22bfff9f090e82a518f9b2f2376_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15842
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15842",
"url": "https://access.redhat.com/errata/RHSA-2025:15842"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15842.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-18T23:32:28+00:00",
"generator": {
"date": "2025-12-18T23:32:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15842",
"initial_release_date": "2025-09-15T16:11:25+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-azure-nvidia-rhel9@sha256%3A0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756815370"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:25+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15842",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15842"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:25+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15842",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15842"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-nvidia-rhel9@sha256:0981388b134c612dde4275c1f9570d5cb684117ede06e12edbc021eb8e1529d2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15840
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (AMD) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (AMD) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15840",
"url": "https://access.redhat.com/errata/RHSA-2025:15840"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15840.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)",
"tracking": {
"current_release_date": "2025-12-18T23:32:26+00:00",
"generator": {
"date": "2025-12-18T23:32:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15840",
"initial_release_date": "2025-09-15T16:11:16+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-18T18:18:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-azure-amd-rhel9@sha256%3A49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756815221"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:16+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15840",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15840"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:16+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15840",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15840"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-azure-amd-rhel9@sha256:49cfb622a1dc03438e4683661257d8e178d32bf508cbf649ba4637b9a4b79180_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15867
Vulnerability from csaf_redhat - Published: 2025-09-15 17:51 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (Intel Gaudi) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (Intel Gaudi) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15867",
"url": "https://access.redhat.com/errata/RHSA-2025:15867"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15867.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)",
"tracking": {
"current_release_date": "2025-12-18T23:32:30+00:00",
"generator": {
"date": "2025-12-18T23:32:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15867",
"initial_release_date": "2025-09-15T17:51:02+00:00",
"revision_history": [
{
"date": "2025-09-15T17:51:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64",
"product_id": "registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/instructlab-intel-rhel9@sha256%3A2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1757955810"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T17:51:02+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15867",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15867"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T17:51:02+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15867",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15867"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-intel-rhel9@sha256:2ec7df6d207c24989660f42e656340581fa488fed399ec343cda5b288f3f1f7c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15832
Vulnerability from csaf_redhat - Published: 2025-09-15 15:40 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications. This container provides NVIDIA hardware enablement and the InstructLab application stack.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15832",
"url": "https://access.redhat.com/errata/RHSA-2025:15832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15832.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-18T23:32:20+00:00",
"generator": {
"date": "2025-12-18T23:32:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15832",
"initial_release_date": "2025-09-15T15:40:27+00:00",
"revision_history": [
{
"date": "2025-09-15T15:40:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"product_id": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/instructlab-nvidia-rhel9@sha256%3A89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756791365"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64",
"product": {
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64",
"product_id": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64",
"product_identification_helper": {
"purl": "pkg:oci/instructlab-nvidia-rhel9@sha256%3Af4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11?arch=arm64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756791365"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
},
"product_reference": "registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T15:40:27+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15832",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15832"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T15:40:27+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15832",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15832"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:89114d614ccbbbbd8a78d143fac90570ab81650ced7d4a9f39f7ba416113ae3b_amd64",
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/instructlab-nvidia-rhel9@sha256:f4e7a03db9b24711381b5e1279e19eadf6b7dd20510711a17212261fb67f3e11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15838
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15838",
"url": "https://access.redhat.com/errata/RHSA-2025:15838"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15838.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-18T23:32:24+00:00",
"generator": {
"date": "2025-12-18T23:32:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15838",
"initial_release_date": "2025-09-15T16:11:18+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-aws-nvidia-rhel9@sha256%3Aa169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756815228"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:18+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15838",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15838"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:18+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15838",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15838"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:a169a0d43b63280b9f43b99e6f9910cf0f404c7a9089d30dc06a0aa7fe747b8b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15839
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (AMD) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (AMD) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15839",
"url": "https://access.redhat.com/errata/RHSA-2025:15839"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15839.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)",
"tracking": {
"current_release_date": "2025-12-18T23:32:24+00:00",
"generator": {
"date": "2025-12-18T23:32:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15839",
"initial_release_date": "2025-09-15T16:11:17+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-18T18:22:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-amd-rhel9@sha256%3Ae683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756800437"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:17+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15839",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15839"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:17+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15839",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15839"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-amd-rhel9@sha256:e683240d86973334e53882f4978b89b5c2a9f452b4080392c33b72bd57f91b63_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15837
Vulnerability from csaf_redhat - Published: 2025-09-15 16:11 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15837",
"url": "https://access.redhat.com/errata/RHSA-2025:15837"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15837.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-18T23:32:22+00:00",
"generator": {
"date": "2025-12-18T23:32:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15837",
"initial_release_date": "2025-09-15T16:11:05+00:00",
"revision_history": [
{
"date": "2025-09-15T16:11:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-gcp-nvidia-rhel9@sha256%3Ae0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756815294"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:05+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15837",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15837"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:11:05+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15837",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15837"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-gcp-nvidia-rhel9@sha256:e0f422a906d386596295e99b64c6158ae44b6b8a12be30868865e76742fccb17_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
RHSA-2025:15836
Vulnerability from csaf_redhat - Published: 2025-09-15 16:07 - Updated: 2025-12-18 23:32Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (Intel Gaudi) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (Intel Gaudi) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15836",
"url": "https://access.redhat.com/errata/RHSA-2025:15836"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48379",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-47277",
"url": "https://access.redhat.com/security/cve/cve-2025-47277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15836.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)",
"tracking": {
"current_release_date": "2025-12-18T23:32:21+00:00",
"generator": {
"date": "2025-12-18T23:32:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:15836",
"initial_release_date": "2025-09-15T16:07:54+00:00",
"revision_history": [
{
"date": "2025-09-15T16:07:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-17T22:18:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-18T23:32:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-intel-rhel9@sha256%3A47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.3-1756724193"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47277",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-05-20T18:00:58.703636+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. This vulnerability allows unauthorized access to key-value caches via network exposure of the `TCPStore` interface when using the `PyNcclPipe` KV cache transfer integration with the V0 engine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, Red Hat products are configured to restrict vLLM nodes to an isolated network. However, this vulnerability could become relevant if customers change the specific configurations, and therefore, Red Hat products are affected.\n\nThis vulnerability is classified as Moderate rather than Critical because its exploitability and impact are constrained by specific deployment contexts and assumptions about network trust boundaries. While the use of pickle.loads on untrusted input typically leads to remote code execution (RCE), the vulnerable PyNcclPipe interface is not intended to be exposed to the internet or untrusted networks, it is designed for use within a secured, internal cluster environment as explicitly documented by vLLM. Successful exploitation requires an attacker to have direct network access to a misconfigured or poorly segmented system where the KV cache transfer service is bound to a public interface. Additionally, the vulnerable code path exists only in a niche configuration (V0 engine with PyNcclPipe), further reducing its exposure. Therefore, while the flaw does introduce RCE risk in misconfigured setups, the combination of non-default exposure, clear documentation, and limited applicability justifies a reduced impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47277"
},
{
"category": "external",
"summary": "RHBZ#2367605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367605"
},
{
"category": "external",
"summary": "RHSB-2025-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2025-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47277"
},
{
"category": "external",
"summary": "https://docs.vllm.ai/en/latest/deployment/security.html",
"url": "https://docs.vllm.ai/en/latest/deployment/security.html"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7",
"url": "https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/15988",
"url": "https://github.com/vllm-project/vllm/pull/15988"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv"
}
],
"release_date": "2025-05-20T17:32:27.034000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:07:54+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15836",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15836"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM Allows Remote Code Execution via PyNcclPipe Communication Service"
},
{
"cve": "CVE-2025-48379",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-07-01T19:00:57.380377+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375795"
}
],
"notes": [
{
"category": "description",
"text": "A critical vulnerability was identified in the Pillow image processing library. This flaw could allow a local attacker to execute arbitrary code or cause the application to crash, resulting in a denial of service. An attacker can exploit this vulnerability by tricking an application into processing a specially crafted image file. The issue occurs because the library writes more data than an allocated memory buffer can hold, leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security Engineer. An attacker may leverage that by crafting a malicious DDS image bigger than 64k (when encoded). This happens because of the lack of size checking when writing the image data into an internal buffer. When successfully exploited, this vulnerability may lead to a local arbitrary code execution within the user privileges similar to the ones for the user running the application or a denial of service for the application consuming the Pillow library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "RHBZ#2375795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9041",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"release_date": "2025-07-01T18:33:30.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-15T16:07:54+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:15836",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15836"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-intel-rhel9@sha256:47c7b3931eb3a829bb4916cf9ecb7d03d83e762801399f8ed3825de0aa213b43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pillow: pillow: Pillow DDS Heap Buffer Overflow"
}
]
}
GHSA-XG8H-J46F-W952
Vulnerability from github – Published: 2025-07-01 17:29 – Updated: 2025-07-02 14:20
VLAI?
Summary
Pillow vulnerability can cause write buffer overflow on BCn encoding
Details
There is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space.
This only affects users who save untrusted data as a compressed DDS image.
- Unclear how large the potential write could be. It is likely limited by process segfault, so it's not necessarily deterministic. It may be practically unbounded.
- Unclear if there's a restriction on the bytes that could be emitted. It's likely that the only restriction is that the bytes would be emitted in chunks of 8 or 16.
This was introduced in Pillow 11.2.0 when the feature was added.
Severity ?
7.1 (High)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pillow"
},
"ranges": [
{
"events": [
{
"introduced": "11.2.0"
},
{
"fixed": "11.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-48379"
],
"database_specific": {
"cwe_ids": [
"CWE-122"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-01T17:29:37Z",
"nvd_published_at": "2025-07-01T19:15:27Z",
"severity": "HIGH"
},
"details": "There is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. \n\nThis only affects users who save untrusted data as a compressed DDS image. \n\n* Unclear how large the potential write could be. It is likely limited by process segfault, so it\u0027s not necessarily deterministic. It may be practically unbounded. \n* Unclear if there\u0027s a restriction on the bytes that could be emitted. It\u0027s likely that the only restriction is that the bytes would be emitted in chunks of 8 or 16. \n\nThis was introduced in Pillow 11.2.0 when the feature was added.",
"id": "GHSA-xg8h-j46f-w952",
"modified": "2025-07-02T14:20:24Z",
"published": "2025-07-01T17:29:37Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48379"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2025-61.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-pillow/Pillow"
},
{
"type": "WEB",
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Pillow vulnerability can cause write buffer overflow on BCn encoding"
}
OPENSUSE-SU-2025:15316-1
Vulnerability from csaf_opensuse - Published: 2025-07-06 00:00 - Updated: 2025-07-06 00:00Summary
python311-Pillow-11.3.0-1.1 on GA media
Notes
Title of the patch
python311-Pillow-11.3.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the python311-Pillow-11.3.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15316
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python311-Pillow-11.3.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python311-Pillow-11.3.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15316",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15316-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48379/"
}
],
"title": "python311-Pillow-11.3.0-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-06T00:00:00Z",
"generator": {
"date": "2025-07-06T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15316-1",
"initial_release_date": "2025-07-06T00:00:00Z",
"revision_history": [
{
"date": "2025-07-06T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-11.3.0-1.1.aarch64",
"product": {
"name": "python311-Pillow-11.3.0-1.1.aarch64",
"product_id": "python311-Pillow-11.3.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-11.3.0-1.1.aarch64",
"product": {
"name": "python311-Pillow-tk-11.3.0-1.1.aarch64",
"product_id": "python311-Pillow-tk-11.3.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-Pillow-11.3.0-1.1.aarch64",
"product": {
"name": "python312-Pillow-11.3.0-1.1.aarch64",
"product_id": "python312-Pillow-11.3.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-Pillow-tk-11.3.0-1.1.aarch64",
"product": {
"name": "python312-Pillow-tk-11.3.0-1.1.aarch64",
"product_id": "python312-Pillow-tk-11.3.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-Pillow-11.3.0-1.1.aarch64",
"product": {
"name": "python313-Pillow-11.3.0-1.1.aarch64",
"product_id": "python313-Pillow-11.3.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-Pillow-tk-11.3.0-1.1.aarch64",
"product": {
"name": "python313-Pillow-tk-11.3.0-1.1.aarch64",
"product_id": "python313-Pillow-tk-11.3.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-11.3.0-1.1.ppc64le",
"product": {
"name": "python311-Pillow-11.3.0-1.1.ppc64le",
"product_id": "python311-Pillow-11.3.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-11.3.0-1.1.ppc64le",
"product": {
"name": "python311-Pillow-tk-11.3.0-1.1.ppc64le",
"product_id": "python311-Pillow-tk-11.3.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-Pillow-11.3.0-1.1.ppc64le",
"product": {
"name": "python312-Pillow-11.3.0-1.1.ppc64le",
"product_id": "python312-Pillow-11.3.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-Pillow-tk-11.3.0-1.1.ppc64le",
"product": {
"name": "python312-Pillow-tk-11.3.0-1.1.ppc64le",
"product_id": "python312-Pillow-tk-11.3.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-Pillow-11.3.0-1.1.ppc64le",
"product": {
"name": "python313-Pillow-11.3.0-1.1.ppc64le",
"product_id": "python313-Pillow-11.3.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-Pillow-tk-11.3.0-1.1.ppc64le",
"product": {
"name": "python313-Pillow-tk-11.3.0-1.1.ppc64le",
"product_id": "python313-Pillow-tk-11.3.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-11.3.0-1.1.s390x",
"product": {
"name": "python311-Pillow-11.3.0-1.1.s390x",
"product_id": "python311-Pillow-11.3.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-11.3.0-1.1.s390x",
"product": {
"name": "python311-Pillow-tk-11.3.0-1.1.s390x",
"product_id": "python311-Pillow-tk-11.3.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-Pillow-11.3.0-1.1.s390x",
"product": {
"name": "python312-Pillow-11.3.0-1.1.s390x",
"product_id": "python312-Pillow-11.3.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-Pillow-tk-11.3.0-1.1.s390x",
"product": {
"name": "python312-Pillow-tk-11.3.0-1.1.s390x",
"product_id": "python312-Pillow-tk-11.3.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-Pillow-11.3.0-1.1.s390x",
"product": {
"name": "python313-Pillow-11.3.0-1.1.s390x",
"product_id": "python313-Pillow-11.3.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-Pillow-tk-11.3.0-1.1.s390x",
"product": {
"name": "python313-Pillow-tk-11.3.0-1.1.s390x",
"product_id": "python313-Pillow-tk-11.3.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-11.3.0-1.1.x86_64",
"product": {
"name": "python311-Pillow-11.3.0-1.1.x86_64",
"product_id": "python311-Pillow-11.3.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-11.3.0-1.1.x86_64",
"product": {
"name": "python311-Pillow-tk-11.3.0-1.1.x86_64",
"product_id": "python311-Pillow-tk-11.3.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-Pillow-11.3.0-1.1.x86_64",
"product": {
"name": "python312-Pillow-11.3.0-1.1.x86_64",
"product_id": "python312-Pillow-11.3.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-Pillow-tk-11.3.0-1.1.x86_64",
"product": {
"name": "python312-Pillow-tk-11.3.0-1.1.x86_64",
"product_id": "python312-Pillow-tk-11.3.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-Pillow-11.3.0-1.1.x86_64",
"product": {
"name": "python313-Pillow-11.3.0-1.1.x86_64",
"product_id": "python313-Pillow-11.3.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-Pillow-tk-11.3.0-1.1.x86_64",
"product": {
"name": "python313-Pillow-tk-11.3.0-1.1.x86_64",
"product_id": "python313-Pillow-tk-11.3.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.aarch64"
},
"product_reference": "python311-Pillow-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.ppc64le"
},
"product_reference": "python311-Pillow-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.s390x"
},
"product_reference": "python311-Pillow-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.x86_64"
},
"product_reference": "python311-Pillow-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.aarch64"
},
"product_reference": "python311-Pillow-tk-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.ppc64le"
},
"product_reference": "python311-Pillow-tk-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.s390x"
},
"product_reference": "python311-Pillow-tk-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.x86_64"
},
"product_reference": "python311-Pillow-tk-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.aarch64"
},
"product_reference": "python312-Pillow-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.ppc64le"
},
"product_reference": "python312-Pillow-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.s390x"
},
"product_reference": "python312-Pillow-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.x86_64"
},
"product_reference": "python312-Pillow-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-tk-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.aarch64"
},
"product_reference": "python312-Pillow-tk-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-tk-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.ppc64le"
},
"product_reference": "python312-Pillow-tk-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-tk-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.s390x"
},
"product_reference": "python312-Pillow-tk-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Pillow-tk-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.x86_64"
},
"product_reference": "python312-Pillow-tk-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.aarch64"
},
"product_reference": "python313-Pillow-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.ppc64le"
},
"product_reference": "python313-Pillow-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.s390x"
},
"product_reference": "python313-Pillow-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.x86_64"
},
"product_reference": "python313-Pillow-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-tk-11.3.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.aarch64"
},
"product_reference": "python313-Pillow-tk-11.3.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-tk-11.3.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.ppc64le"
},
"product_reference": "python313-Pillow-tk-11.3.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-tk-11.3.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.s390x"
},
"product_reference": "python313-Pillow-tk-11.3.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Pillow-tk-11.3.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.x86_64"
},
"product_reference": "python313-Pillow-tk-11.3.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48379"
}
],
"notes": [
{
"category": "general",
"text": "Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48379",
"url": "https://www.suse.com/security/cve/CVE-2025-48379"
},
{
"category": "external",
"summary": "SUSE Bug 1245578 for CVE-2025-48379",
"url": "https://bugzilla.suse.com/1245578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python311-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Pillow-tk-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-11.3.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Pillow-tk-11.3.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-48379"
}
]
}
FKIE_CVE-2025-48379
Vulnerability from fkie_nvd - Published: 2025-07-01 19:15 - Updated: 2025-10-15 20:03
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:python:pillow:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15F219D5-60A5-47BB-B062-F6B310B53376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (\u003e64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0."
},
{
"lang": "es",
"value": "Pillow es una librer\u00eda de im\u00e1genes de Python. En las versiones 11.2.0 y anteriores a la 11.3.0, se produce un desbordamiento del b\u00fafer de mont\u00f3n al escribir una imagen suficientemente grande (m\u00e1s de 64k codificada con la configuraci\u00f3n predeterminada) en formato DDS, debido a que se escribe en un b\u00fafer sin comprobar el espacio disponible. Esto solo afecta a los usuarios que guardan datos no confiables como una imagen DDS comprimida. Este problema se ha corregido en la versi\u00f3n 11.3.0. "
}
],
"id": "CVE-2025-48379",
"lastModified": "2025-10-15T20:03:42.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-01T19:15:27.353",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/python-pillow/Pillow/commit/ef98b3510e3e4f14b547762764813d7e5ca3c5a4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/python-pillow/Pillow/pull/9041"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/python-pillow/Pillow/releases/tag/11.3.0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-xg8h-j46f-w952"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…