Key Information Announcement ID: RHSA-2025:10294 Type/Severity: Security Advisory - Important Subject: Red Hat OpenShift Container Platform release 4.17.25 has been released, including updates to multiple packages and images, fixing several vulnerabilities and adding enhancements. Affected Products: - Red Hat OpenShift Container Platform 4.17 for RHEL 9 x86_64 - Red Hat OpenShift Container Platform 4.17 for RHEL 8 x86_64 - Red Hat OpenShift Container Platform 4.17 for RHEL 8 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 9 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 8 s390x - Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 8 aarch64 - Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 9 aarch64 Fixed Vulnerabilities: - CVE-2022-7888: When building OpenShift with openshift-apiserver-controller-manager, it allowed overwriting Node Pull Credentials. - CVE-2022-7888: Unexpected memory consumption occurred during token signing in galery.org/q/saml2/jwks. - CVE-2022-40022: glibc static binaries may incorrectly search LD_LIBRARY_PATH. - CVE-2022-40027: net/http package leaks and contention due to invalid cached data. - Multiple other CVEs, addressing various security issues. References: Includes multiple links, such as Common Vulnerability Scoring System (CVSS) base scores, detailed security ratings, etc.