The vulnerability arises from the TrustyAI component in Red Hat OpenShift AI 2.25, which creates a role named 'trustyai-service-operator-lmeval-user-role' and a cluster role binding 'trustyai-service-operator-default-lmeval-user-rolebinding' applied to the 'system:authenticated' group. This configuration grants all authenticated users and service accounts permissions to get, list, and watch pods in any namespace, as well as access to persistent volume claims and lmevaljobs, resulting in incorrect privilege assignment and potential unauthorized information exposure. The CVSS v3.1 base score is 5.0 (medium severity) with vector AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N. Red Hat has released updated images in version 2.25.5 of OpenShift AI to address this issue, with upgrade instructions available in the vendor documentation.

The vulnerability allows any authenticated user or service account on the cluster to view pods across all namespaces and access certain resources like persistent volume claims and lmevaljobs. This could lead to unauthorized information disclosure within the cluster. There is no indication of privilege escalation, integrity, or availability impact. No known exploits in the wild have been reported.

Red Hat has released updated images for Red Hat OpenShift AI version 2.25.5 that address this vulnerability. Administrators should follow the official upgrade instructions provided in the Red Hat OpenShift AI documentation to update their clusters and apply the errata update. Patch status is confirmed by the vendor advisory indicating updated images are available. No other specific mitigation steps are provided or required beyond applying the update.