cvelistv5 - cve-2025-57852

CVE-2025-57852 (GCVE-0-2025-57852)

Vulnerability from cvelistv5

Published

2025-09-30 14:37

Modified

2025-10-01 09:12

Severity ?

5.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L

CWE

CWE-276 - Incorrect Default Permissions

Summary

A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

References

▼	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHBA-2025:16983
	secalert@redhat.com	https://access.redhat.com/errata/RHBA-2025:16984
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2025-57852
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2391105

Impacted products

Vendor

Product

Version

▼

Red Hat

Red Hat OpenShift AI 2.19

Unaffected: sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16 < *
cpe:/a:redhat:openshift_ai:2.19::el8

	Red Hat	Red Hat OpenShift AI 2.21	Unaffected: sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b < * cpe:/a:redhat:openshift_ai:2.21::el9
	Red Hat	Red Hat OpenShift AI (RHOAI)	cpe:/a:redhat:openshift_ai

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-57852",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-30T15:27:58.164163Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-30T15:35:07.031Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai:2.19::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhoai/odh-modelmesh-rhel8",
          "product": "Red Hat OpenShift AI 2.19",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai:2.21::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhoai/odh-modelmesh-rhel9",
          "product": "Red Hat OpenShift AI 2.21",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-modelmesh-rhel9",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
        }
      ],
      "datePublic": "2025-09-30T14:25:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T09:12:38.219Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:16983",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:16983"
        },
        {
          "name": "RHBA-2025:16984",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:16984"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-57852"
        },
        {
          "name": "RHBZ#2391105",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-26T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-09-30T14:25:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openshift-ai: privilege escalation via excessive /etc/passwd permissions",
      "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-57852",
    "datePublished": "2025-09-30T14:37:10.024Z",
    "dateReserved": "2025-08-21T14:40:40.822Z",
    "dateUpdated": "2025-10-01T09:12:38.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-57852\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-09-30T15:15:53.720\",\"lastModified\":\"2025-10-01T10:15:31.500\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L\",\"baseScore\":5.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.5,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2025:16983\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2025:16984\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-57852\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2391105\",\"source\":\"secalert@redhat.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-57852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-30T15:27:58.164163Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-30T15:28:00.770Z\"}}], \"cna\": {\"title\": \"Openshift-ai: privilege escalation via excessive /etc/passwd permissions\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Low\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.19::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.19\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhoai/odh-modelmesh-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.21::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.21\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/rhoai/odh-modelmesh-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-modelmesh-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-08-26T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-09-30T14:25:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-09-30T14:25:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHBA-2025:16983\", \"name\": \"RHBA-2025:16983\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2025:16984\", \"name\": \"RHBA-2025:16984\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-57852\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2391105\", \"name\": \"RHBZ#2391105\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-276\", \"description\": \"Incorrect Default Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-10-01T09:12:38.219Z\"}, \"x_redhatCweChain\": \"CWE-276: Incorrect Default Permissions\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-57852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-01T09:12:38.219Z\", \"dateReserved\": \"2025-08-21T14:40:40.822Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-09-30T14:37:10.024Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

rhba-2025:16984

Vulnerability from csaf_redhat

Published

2025-09-29 17:16

Modified

2025-10-01 09:12

Summary

Red Hat Bug Fix Advisory: RHOAI 2.19.0 - Red Hat OpenShift AI

Notes

Topic

Updated images are now available for Red Hat OpenShift AI.

Details

Release of RHOAI 2.19.0 provides these changes:

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat OpenShift AI.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Release of RHOAI 2.19.0 provides these changes:",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2025:16984",
        "url": "https://access.redhat.com/errata/RHBA-2025:16984"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-10725",
        "url": "https://access.redhat.com/security/cve/cve-2025-10725"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-57852",
        "url": "https://access.redhat.com/security/cve/cve-2025-57852"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2025_16984.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: RHOAI 2.19.0 - Red Hat OpenShift AI",
    "tracking": {
      "current_release_date": "2025-10-01T09:12:22+00:00",
      "generator": {
        "date": "2025-10-01T09:12:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHBA-2025:16984",
      "initial_release_date": "2025-09-29T17:16:20+00:00",
      "revision_history": [
        {
          "date": "2025-09-29T17:16:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-30T16:12:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-01T09:12:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift AI 2.19",
                "product": {
                  "name": "Red Hat OpenShift AI 2.19",
                  "product_id": "Red Hat OpenShift AI 2.19",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_ai:2.19::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift AI"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel8@sha256%3Ad316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758705248"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3A53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16?arch=amd64\u0026repository_url=registry.redhat.io/rhoai"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-operator-bundle@sha256%3Aa6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758720462"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel8-operator@sha256%3A03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758715871"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel8@sha256%3Aa03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758705248"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel8-operator@sha256%3A43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758715871"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel8@sha256%3Ae2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758705248"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel8-operator@sha256%3A74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758715871"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel8-operator@sha256%3Af9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.19.3-1758715871"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64 as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64 as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64 as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64 as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64 as a component of Red Hat OpenShift AI 2.19",
          "product_id": "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.19"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-10725",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2025-09-19T08:42:33.326000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2396641"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster\u0027s confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Security Ratings classify this as an Important and not Critical because it requires minimal authentication for the remote attacker to Jeopardize an environment. Following https://access.redhat.com/security/updates/classification",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-10725"
        },
        {
          "category": "external",
          "summary": "RHBZ#2396641",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396641"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-10725",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-10725"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-10725",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10725"
        }
      ],
      "release_date": "2025-09-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-29T17:16:20+00:00",
          "details": "For Red Hat OpenShift AI 2.19.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
          "product_ids": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2025:16984"
        },
        {
          "category": "workaround",
          "details": "* Remove the ClusterRoleBinding that associates the kueue-batch-user-role with the system:authenticated group. The permission to create jobs should be granted on a more granular, as-needed basis to specific users or groups, adhering to the principle of least privilege.\n\n* Avoid granting broad permissions to system-level groups.",
          "product_ids": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Michael Whale",
            "Antony Di Scala"
          ]
        }
      ],
      "cve": "CVE-2025-57852",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "discovery_date": "2025-08-26T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2391105"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openshift-ai: privilege escalation via excessive /etc/passwd permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Security Ratings classify this as a Low and not Moderate in Red Hat OpenShift AI due to the restrictive SCC profile used for the ModelMesh containers. The restricted-v2 profile fully mitigates this vulnerability by dropping the SETUID and SETGID privileges, blocking the two system calls from processes within the container and preventing privilege escalation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
          "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-57852"
        },
        {
          "category": "external",
          "summary": "RHBZ#2391105",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-57852",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-57852"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-57852",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57852"
        }
      ],
      "release_date": "2025-09-30T14:25:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-29T17:16:20+00:00",
          "details": "For Red Hat OpenShift AI 2.19.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
          "product_ids": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2025:16984"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:a03e4403f33af3ab32dd42d8bf8762aea079bd14d66f0543f525453acb048c80_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:d316259cc9d5555c2137ba177375f64ca297ce7b3dde7ec66edb8567e110a0da_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:e2b51a0d81397f7318c655b76f2952bd08e333ba56aa89053357b39514c23686_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:53ac36baa374159b9065c718a9ede821bbb61d9ebe9502b2243e0a9f7aca0d16_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:a6e02e1876fd5382ba4921dd65650b2d747666feb96c839f34e99d2972dfc323_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:03e5cbae0925efac7fd0adfb14f4317c48a7efdbdd54c7804db92a2efb3b2bfc_amd64",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf_ppc64le",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:74858d557494f60d4abaa5491b0db312a77bfb83709447b11396a0cf74bec623_s390x",
            "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:f9b4d952ca1ca80ecba82dec8f638f01a70de7404231e572ac2f51d5d31d5d28_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openshift-ai: privilege escalation via excessive /etc/passwd permissions"
    }
  ]
}

rhba-2025:16983

Vulnerability from csaf_redhat

Published

2025-09-29 17:16

Modified

2025-10-01 09:12

Summary

Red Hat Bug Fix Advisory: RHOAI 2.21.0 - Red Hat OpenShift AI

Notes

Topic

Updated images are now available for Red Hat OpenShift AI.

Details

Release of RHOAI 2.21.0 provides these changes:

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat OpenShift AI.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Release of RHOAI 2.21.0 provides these changes:",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2025:16983",
        "url": "https://access.redhat.com/errata/RHBA-2025:16983"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-10725",
        "url": "https://access.redhat.com/security/cve/cve-2025-10725"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-57852",
        "url": "https://access.redhat.com/security/cve/cve-2025-57852"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2025_16983.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: RHOAI 2.21.0 - Red Hat OpenShift AI",
    "tracking": {
      "current_release_date": "2025-10-01T09:12:21+00:00",
      "generator": {
        "date": "2025-10-01T09:12:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHBA-2025:16983",
      "initial_release_date": "2025-09-29T17:16:12+00:00",
      "revision_history": [
        {
          "date": "2025-09-29T17:16:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-30T16:12:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-01T09:12:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift AI 2.21",
                "product": {
                  "name": "Red Hat OpenShift AI 2.21",
                  "product_id": "Red Hat OpenShift AI 2.21",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_ai:2.21::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift AI"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758709863"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3A687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-operator-bundle@sha256%3Ae9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758724953"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel9-operator@sha256%3A9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758715880"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758709863"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel9-operator@sha256%3A66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758715880"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel9@sha256%3Ac25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758709863"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel9-operator@sha256%3A799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758715880"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
                  "product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-dashboard-rhel9@sha256%3Add32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758709863"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64",
                "product": {
                  "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64",
                  "product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odh-rhel9-operator@sha256%3Adb339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.21.1-1758715880"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64 as a component of Red Hat OpenShift AI 2.21",
          "product_id": "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
        },
        "product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64",
        "relates_to_product_reference": "Red Hat OpenShift AI 2.21"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-10725",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2025-09-19T08:42:33.326000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2396641"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster\u0027s confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Security Ratings classify this as an Important and not Critical because it requires minimal authentication for the remote attacker to Jeopardize an environment. Following https://access.redhat.com/security/updates/classification",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-10725"
        },
        {
          "category": "external",
          "summary": "RHBZ#2396641",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396641"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-10725",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-10725"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-10725",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10725"
        }
      ],
      "release_date": "2025-09-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-29T17:16:12+00:00",
          "details": "For Red Hat OpenShift AI 2.21.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
          "product_ids": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2025:16983"
        },
        {
          "category": "workaround",
          "details": "* Remove the ClusterRoleBinding that associates the kueue-batch-user-role with the system:authenticated group. The permission to create jobs should be granted on a more granular, as-needed basis to specific users or groups, adhering to the principle of least privilege.\n\n* Avoid granting broad permissions to system-level groups.",
          "product_ids": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Michael Whale",
            "Antony Di Scala"
          ]
        }
      ],
      "cve": "CVE-2025-57852",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "discovery_date": "2025-08-26T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2391105"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openshift-ai: privilege escalation via excessive /etc/passwd permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Security Ratings classify this as a Low and not Moderate in Red Hat OpenShift AI due to the restrictive SCC profile used for the ModelMesh containers. The restricted-v2 profile fully mitigates this vulnerability by dropping the SETUID and SETGID privileges, blocking the two system calls from processes within the container and preventing privilege escalation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
          "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-57852"
        },
        {
          "category": "external",
          "summary": "RHBZ#2391105",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-57852",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-57852"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-57852",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57852"
        }
      ],
      "release_date": "2025-09-30T14:25:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-29T17:16:12+00:00",
          "details": "For Red Hat OpenShift AI 2.21.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
          "product_ids": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2025:16983"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:0a4f139cdacd228206c5a5a6b34b57ea87b040a58a46534ebc5daeda7d70cb19_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:301a5939cc80923b789f9efaf96601b32d067472750afb22a7d001822b235ab0_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:c25cf00dde02c342509a9617a3d1b55ec72236a6dacd2f38f9331ea4d8701fa5_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:dd32ff192490d1832df545699f66b80911f55d6ee36ead72b6a745dd7d4938e3_arm64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:687c8eeed55f021ecaab1307f0e88b5b16d91f72d63b3d7168d7bbee90e8947b_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-operator-bundle@sha256:e9612ec99daa171c403b5ddf37788526e5375b83987e5de9b1ebe519198607b4_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8_ppc64le",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:799b0f8dc02e0e081582f5f6594f0a224aee1472c260f31058c78f54d005d7c6_s390x",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f7620cc36c23dbf8528ecc04742861a65e867b338c582b84055559ab553f857_amd64",
            "Red Hat OpenShift AI 2.21:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openshift-ai: privilege escalation via excessive /etc/passwd permissions"
    }
  ]
}

fkie_cve-2025-57852

Vulnerability from fkie_nvd

Published

2025-09-30 15:15

Modified

2025-10-01 10:15

Severity ?

5.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L

Summary

References

▼	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHBA-2025:16983
	secalert@redhat.com	https://access.redhat.com/errata/RHBA-2025:16984
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2025-57852
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2391105

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."
    }
  ],
  "id": "CVE-2025-57852",
  "lastModified": "2025-10-01T10:15:31.500",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 4.7,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-30T15:15:53.720",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHBA-2025:16983"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHBA-2025:16984"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2025-57852"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-276"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

ghsa-33j5-frrm-3wg2

Vulnerability from github

Published

2025-09-30 15:30

Modified

2025-10-01 12:30

Severity ?

5.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-57852"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-30T15:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.",
  "id": "GHSA-33j5-frrm-3wg2",
  "modified": "2025-10-01T12:30:27Z",
  "published": "2025-09-30T15:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57852"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2025:16983"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2025:16984"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-57852"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391105"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-57852 (GCVE-0-2025-57852)

Vulnerability from cvelistv5

rhba-2025:16984

Vulnerability from csaf_redhat

rhba-2025:16983

Vulnerability from csaf_redhat

fkie_cve-2025-57852

Vulnerability from fkie_nvd

ghsa-33j5-frrm-3wg2

Vulnerability from github

Tags

Sightings

Nomenclature