Redhat Openshift Container Platform vulnerabilities

CVE-2026-1933 [MEDIUM] CWE-284 CVE-2026-1933: A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read onl A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible

CVE-2026-2340 [MEDIUM] CWE-280 CVE-2026-2340: A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share could overwrite a protected file by renaming a newly c

CVE-2026-4480 [CRITICAL] CWE-78 CVE-2026-4480: A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that

CVE-2026-48864 [HIGH] CWE-787 CVE-2026-48864: A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-c A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result

CVE-2026-9149 [MEDIUM] CWE-122 CVE-2026-9149: A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS).

CVE-2026-9150 [MEDIUM] CWE-121 CVE-2026-9150: A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debi A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.

CVE-2026-42010 [CRITICAL] CWE-626 CVE-2026-42010: A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unaut

CVE-2026-33845 [CRITICAL] CWE-191 CVE-2026-33845: A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero off A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

CVE-2026-3833 [HIGH] CWE-178 CVE-2026-3833: A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive compari A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subje

CVE-2026-3832 [LOW] CWE-179 CVE-2026-3832: A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a speci A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, p

CVE-2026-7309 [MEDIUM] CWE-426 CVE-2026-7309: A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRol A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-build` containers through the `buildconfigs/instantiate` API. This incomplete fix for a previous vulnerability allows for information disclosure, specifical

CVE-2026-6732 [HIGH] CWE-843 CVE-2026-6732: A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafte A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial

CVE-2026-31431 [HIGH] CWE-669 CVE-2026-31431: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the comp

CVE-2026-6846 [HIGH] CWE-122 CVE-2026-6846: A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a speciall A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or

CVE-2026-6843 [MEDIUM] CWE-134 CVE-2026-6843: A flaw was found in nano. A local user could exploit a format string vulnerability in the `statuslin A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segmentation fault (SEGV). This results in a Denial of Service (DoS) for the `nano` application.

CVE-2026-6845 [MEDIUM] CWE-476 CVE-2026-6845: A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource con

CVE-2026-6844 [MEDIUM] CWE-400 CVE-2026-6844: A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit tw A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-

CVE-2026-4878 [HIGH] CWE-367 CVE-2026-4878: A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TO A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unin

CVE-2026-5745 [MEDIUM] CWE-476 CVE-2026-5745: A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing l A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An

CVE-2026-5121 [HIGH] CWE-190 CVE-2026-5121: A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the z A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.