RHSA-2025:17181

Vulnerability from csaf_redhat - Published: 2025-10-01 16:41 - Updated: 2026-01-22 00:09
Summary
Red Hat Security Advisory: Insights proxy Container Image

Notes

Topic
Initial GA Release of Red Hat Insights proxy
Details
The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes all Red Hat Insights traffic through itself, providing a layer of privary and security for disconnected customer systems.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Initial GA Release of Red Hat Insights proxy",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Insights proxy Container is used by the Insights proxy product RPM\nand serves as an intermediary between cystomer systems in disconnected networks,\nair-gapped systems or systems with no outside connections and Insights.\n\nThe Insights proxy routes all Red Hat Insights traffic through itself, providing\na layer of privary and security for disconnected customer systems.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:17181",
        "url": "https://access.redhat.com/errata/RHSA-2025:17181"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-32988",
        "url": "https://access.redhat.com/security/cve/CVE-2025-32988"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-32989",
        "url": "https://access.redhat.com/security/cve/CVE-2025-32989"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-32990",
        "url": "https://access.redhat.com/security/cve/CVE-2025-32990"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6020"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6395",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6395"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-8941",
        "url": "https://access.redhat.com/security/cve/CVE-2025-8941"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17181.json"
      }
    ],
    "title": "Red Hat Security Advisory: Insights proxy Container Image",
    "tracking": {
      "current_release_date": "2026-01-22T00:09:57+00:00",
      "generator": {
        "date": "2026-01-22T00:09:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.15"
        }
      },
      "id": "RHSA-2025:17181",
      "initial_release_date": "2025-10-01T16:41:41+00:00",
      "revision_history": [
        {
          "date": "2025-10-01T16:41:41+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-10-01T16:41:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-01-22T00:09:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Insights proxy 1.5",
                "product": {
                  "name": "Red Hat Insights proxy 1.5",
                  "product_id": "Red Hat Insights proxy 1.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:insights_proxy:1.5::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Insights proxy"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
                "product": {
                  "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
                  "product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3A4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea?arch=amd64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1.5.7-1759331989"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64",
                "product": {
                  "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64",
                  "product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3A8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207?arch=arm64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1.5.7-1759331989"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64 as a component of Red Hat Insights proxy 1.5",
          "product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64"
        },
        "product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
        "relates_to_product_reference": "Red Hat Insights proxy 1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64 as a component of Red Hat Insights proxy 1.5",
          "product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        },
        "product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64",
        "relates_to_product_reference": "Red Hat Insights proxy 1.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Olivier BAL-PETRE"
          ],
          "organization": "ANSSI - French Cybersecurity Agency"
        }
      ],
      "cve": "CVE-2025-6020",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-06-12T16:33:01.214000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372512"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "linux-pam: Linux-pam directory Traversal",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6020"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372512",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "linux-pam: Linux-pam directory Traversal"
    },
    {
      "cve": "CVE-2025-6395",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2025-07-07T09:30:13.037000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2376755"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6395"
        },
        {
          "category": "external",
          "summary": "RHBZ#2376755",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6395",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6395",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6395"
        }
      ],
      "release_date": "2025-07-10T07:56:53.029000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()"
    },
    {
      "cve": "CVE-2025-8941",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-08-13T12:11:55.270000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2388220"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "linux-pam: Incomplete fix for CVE-2025-6020",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in pam_namespace is rated Important because it allows a local, unprivileged user to escalate privileges to root by exploiting symlink attacks or race conditions in polyinstantiated directories under their control. Successful exploitation requires only the ability to create and manipulate filesystem paths in such directories, without the need for special capabilities or kernel-level vulnerabilities. In multi-user environments\u2014such as shared systems, terminal servers, or certain container deployments, an unprotected or misconfigured pam_namespace configuration can serve as a single point of compromise. Privilege escalation flaws of this nature may also be chained with other vulnerabilities to maintain persistence or evade detection, further increasing the overall impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-8941"
        },
        {
          "category": "external",
          "summary": "RHBZ#2388220",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388220"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-8941",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8941",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8941"
        }
      ],
      "release_date": "2025-08-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "linux-pam: Incomplete fix for CVE-2025-6020"
    },
    {
      "cve": "CVE-2025-32988",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "discovery_date": "2025-04-15T01:21:36.833000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2359622"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnutls: Vulnerability in GnuTLS otherName SAN export",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Moderate rather than Important because, although it involves a memory management flaw (double-free) that can potentially lead to memory corruption, practical exploitation is limited by modern memory protection mechanisms and contextual constraints. The issue occurs only when processing malformed SAN otherName entries through public GnuTLS APIs\u2014an uncommon and controlled code path in most deployments. Furthermore, exploitation for arbitrary code execution is highly dependent on allocator behavior and requires precise heap manipulation, which is non-trivial under defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and hardened memory allocators. In the majority of cases, the outcome would be a crash or denial of service rather than a reliable compromise of integrity or confidentiality. Therefore, given its limited attack surface, dependency on crafted input, and the presence of strong runtime mitigations, the impact justifies a Moderate severity classification instead of Important.\n\nAs such, successfully triggering this vulnerability would require a sophisticated attack vector that is capable of accounting for the many native and deployed security mechanisms designed to detect and contain a double-free condition.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32988"
        },
        {
          "category": "external",
          "summary": "RHBZ#2359622",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359622"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32988",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32988",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32988"
        }
      ],
      "release_date": "2025-07-10T07:55:14.310000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gnutls: Vulnerability in GnuTLS otherName SAN export"
    },
    {
      "cve": "CVE-2025-32989",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2025-04-15T01:21:36.512000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2359621"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnutls: Vulnerability in GnuTLS SCT extension parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32989"
        },
        {
          "category": "external",
          "summary": "RHBZ#2359621",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359621"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32989",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989"
        }
      ],
      "release_date": "2025-07-10T07:54:13.541000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gnutls: Vulnerability in GnuTLS SCT extension parsing"
    },
    {
      "cve": "CVE-2025-32990",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2025-04-15T01:21:36.656000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2359620"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnutls: Vulnerability in GnuTLS certtool template parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as a moderate severity because a heap-buffer-overflow (off-by-one) flaw was found exclusively in the certtool utility\u0027s template parsing logic (part of the gnutls-utils package), and does not affect the core gnutls library itself. This issue is triggered when the tool processes specially crafted settings from a template file, leading to an out-of-bounds NULL pointer write. The resulting memory corruption causes a denial-of-service by crashing the application.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
          "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32990"
        },
        {
          "category": "external",
          "summary": "RHBZ#2359620",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359620"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32990",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32990",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32990"
        }
      ],
      "release_date": "2025-07-09T07:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-01T16:41:41+00:00",
          "details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea_amd64",
            "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gnutls: Vulnerability in GnuTLS certtool template parsing"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.