RHSA-2026:13431
Vulnerability from csaf_redhat - Published: 2026-05-04 12:11 - Updated: 2026-05-05 08:30Summary
Red Hat Security Advisory: OpenShift Virtualization v4.14 Images
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release v4.14 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization v4.14 images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13431
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release v4.14 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization v4.14 images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13431",
"url": "https://access.redhat.com/errata/RHSA-2026:13431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13431.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization v4.14 Images",
"tracking": {
"current_release_date": "2026-05-05T08:30:45+00:00",
"generator": {
"date": "2026-05-05T08:30:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:13431",
"initial_release_date": "2026-05-04T12:11:07+00:00",
"revision_history": [
{
"date": "2026-05-04T12:11:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T12:11:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T08:30:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Container Native Virtualization 4.14",
"product": {
"name": "Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Container Native Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3A2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476339"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476387"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3A8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3A03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3Ad3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476378"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476365"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3Aa2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476339"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476387"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3Aaffd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3A923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3Ab32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476378"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3Ae8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1777476365"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64"
],
"known_not_affected": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T12:11:07+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13431"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4e7bc28d353ef5e80d73c9f1a9a39460407572545d43ee9edd9d7f59238547bb_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:6693bd574b2887c1969c85780d16ff49f6bd7c9f61d63ef872977d87d9f436ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:2e5bcaa78176f3dc0ceaca67e137e93a0aaa87a3549e3e2a75a145e9dda061e5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:a2211e0bd514790fe9749614fbbdb7f24c78553931d26cacc1b09a249351fc73_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:2457d7067501cc5d6c9e71462ed1c7a84b57b3b2a0085977fa5a6c162453c6cd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:5bea70e2ac09d488c70c57bb1f67e25df690d011c8fccedc8c2f71c5ba85ab8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:8c4b096f97553bf2bed6c6f4a2d2097307ac3a2956cb435d4aa903235ec01296_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:affd591a7a0bc48e5e26cf15f520334d8e479540bd9d041b879972ebb67ebafe_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:03f4cae27e192fbaa841b75c94144de53dda1a42f2f3afe1ec8dae7360b62cbd_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:923dfbda8d194e4b8b99457b44a6d614e5884f1e5e8a011274c64c928a39c2b5_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3886dde6df92ed675a8ae925c2fca55689427e2b0d98370dd3f4c64affd4976c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:4b6dc49d1dd9bb43401f136c6220430851029a5e9568b8f94011edb00d8727af_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:39a35427e40e1cc7ac2a316d49b7ecc834664e348f407f43f2b1f1a623e9dec5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:b32654a44ecd9f6e8907f3f1c61672b8d8c711309101a783f5163969fd134b1d_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:455bbde77709328fb24c868bbd1787bd8ff7416b8b21ab193bfd648e53af44dc_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:d3307886b24877a4931cda0d29ed64caab03f99a4eca13de057bac217dcdf2e9_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:0335dce2f5ed915ee7e87af95397faace9bd13b998e6b2f3f3c2731c679cfc94_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:2a14da43018bf6e9aae844bbb91f7d354cb65905b46fc4c6c43981a11164a5ec_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:7e6938a25df9a72abf67b484ea12618ddb4146a99f57f18abb289e8bb3fc3f3a_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e8afcc403a1f8a9b3fef8de1f35cf48e5f514ccca54127d224727ab8237b2a8a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…