Red Hat Enterprise Linux (yelp): Schwachstelle ermöglicht Offenlegung von Informationen
CVE-2025-3155 is a security vulnerability in the Yelp help browser for the GNOME desktop included in Red Hat Enterprise Linux (RHEL) versions 8. 4 and 9. 0. The vulnerability allows arbitrary file read, potentially exposing sensitive information. Red Hat has issued security advisories RHSA-2025:4450 and RHSA-2025:4451 addressing this issue with updated Yelp packages. The vulnerability is rated with an Important security impact by Red Hat Product Security. Fixed packages are available for multiple architectures including x86_64, ppc64le, aarch64, and s390x. Users of affected RHEL versions should apply the provided updates to remediate the vulnerability.
AI Analysis
Technical Summary
The vulnerability CVE-2025-3155 affects the Yelp help browser in Red Hat Enterprise Linux 8.4 and 9.0. Yelp is used to browse system documentation including man pages and DocBook files. The flaw allows arbitrary file read, which can lead to unauthorized disclosure of information. Red Hat has released security advisories RHSA-2025:4450 and RHSA-2025:4451 that provide updated Yelp packages fixing this issue. The advisories cover multiple RHEL variants and architectures, with detailed package versions and checksums provided. The security impact is rated Important by Red Hat, and users are advised to update to the fixed versions as detailed in the advisories.
Potential Impact
Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the affected system via the Yelp help browser, potentially exposing sensitive information. The issue affects multiple RHEL variants and architectures. There is no indication of known exploits in the wild at this time. The vulnerability is rated Important by Red Hat Product Security, indicating a significant but not critical impact.
Mitigation Recommendations
Red Hat has released official security updates fixing CVE-2025-3155 in Yelp for RHEL 8.4 and 9.0. Users should apply these updates promptly by following the instructions in the Red Hat advisories RHSA-2025:4450 and RHSA-2025:4451 and the referenced article https://access.redhat.com/articles/11258. Applying these updates mitigates the vulnerability. No additional or alternative mitigations are indicated by the vendor.
Red Hat Enterprise Linux (yelp): Schwachstelle ermöglicht Offenlegung von Informationen
Description
CVE-2025-3155 is a security vulnerability in the Yelp help browser for the GNOME desktop included in Red Hat Enterprise Linux (RHEL) versions 8. 4 and 9. 0. The vulnerability allows arbitrary file read, potentially exposing sensitive information. Red Hat has issued security advisories RHSA-2025:4450 and RHSA-2025:4451 addressing this issue with updated Yelp packages. The vulnerability is rated with an Important security impact by Red Hat Product Security. Fixed packages are available for multiple architectures including x86_64, ppc64le, aarch64, and s390x. Users of affected RHEL versions should apply the provided updates to remediate the vulnerability.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2025-3155 affects the Yelp help browser in Red Hat Enterprise Linux 8.4 and 9.0. Yelp is used to browse system documentation including man pages and DocBook files. The flaw allows arbitrary file read, which can lead to unauthorized disclosure of information. Red Hat has released security advisories RHSA-2025:4450 and RHSA-2025:4451 that provide updated Yelp packages fixing this issue. The advisories cover multiple RHEL variants and architectures, with detailed package versions and checksums provided. The security impact is rated Important by Red Hat, and users are advised to update to the fixed versions as detailed in the advisories.
Potential Impact
Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the affected system via the Yelp help browser, potentially exposing sensitive information. The issue affects multiple RHEL variants and architectures. There is no indication of known exploits in the wild at this time. The vulnerability is rated Important by Red Hat Product Security, indicating a significant but not critical impact.
Mitigation Recommendations
Red Hat has released official security updates fixing CVE-2025-3155 in Yelp for RHEL 8.4 and 9.0. Users should apply these updates promptly by following the instructions in the Red Hat advisories RHSA-2025:4450 and RHSA-2025:4451 and the referenced article https://access.redhat.com/articles/11258. Applying these updates mitigates the vulnerability. No additional or alternative mitigations are indicated by the vendor.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2025-0931
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a27e99e8dd33fbd8516c4d4
Added to database: 6/9/2026, 10:23:26 AM
Last enriched: 6/9/2026, 10:44:25 AM
Last updated: 6/10/2026, 5:16:00 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.