Key Vulnerability Information

Vulnerability Overview
Vulnerability ID: RHSA-2025:19894
Release date: 2025-11-13
Updated: 2025-11-13

Vulnerability Severity
Severity: Important

Affected Products
Red Hat OpenShift Container Platform 4.12 for RHEL 9 x86_64
Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
Red Hat OpenShift Container Platform for Power 4.12 for RHEL 9 ppc64le
Red Hat OpenShift Container Platform for Power 4.12 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 9 s390x
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 8 s390x
Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 9 aarch64
Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 8 aarch64

Fixes
BZ - 2372373: CVE-2025-49794 libxml: Heap use after free (UAF) leads to Denial of service (DoS)
BZ - 2372385: CVE-2025-49796 libxml: Type confusion leads to Denial of service (DoS)
BZ - 2380149: CVE-2025-6965 sqlite: Integer Truncation in SQLite
BZ - 2380949: CVE-2025-5994 unbound: Unbound Cache poisoning
BZ - 2392595: CVE-2025-58060 cups: Authentication Bypass in CUPS Authorization Handling
BZ - 2393152: CVE-2025-9566 podman: Podman kube play command may overwrite host files

CVEs
CVE-2025-5994
CVE-2025-6965
CVE-2025-9566
CVE-2025-49794
CVE-2025-49796
CVE-2025-58060

References
https://access.redhat.com/security/updates/classification/#important