Red Hat Security Advisory: image-builder security update
This advisory addresses multiple security vulnerabilities in the Red Hat image-builder tool, which is used to create customized OS artifacts such as VM images and OSTree commits. The vulnerabilities include a denial of service via crafted certificates (CVE-2025-61729), memory exhaustion during URL query parameter parsing (CVE-2025-61726), and unexpected session resumption in TLS (CVE-2025-68121). These issues affect Red Hat Enterprise Linux 9 across various architectures. Red Hat has released updated packages to fix these vulnerabilities. Users should apply the provided updates to mitigate the risks.
AI Analysis
Technical Summary
The Red Hat image-builder utility, which leverages osbuild to create customized operating system artifacts, contains three security vulnerabilities: CVE-2025-61729 (a denial of service caused by excessive resource consumption via crafted certificates in crypto/x509), CVE-2025-61726 (memory exhaustion in query parameter parsing within the golang net/url package), and CVE-2025-68121 (unexpected session resumption in crypto/tls). These vulnerabilities can lead to resource exhaustion or unexpected TLS behavior. Red Hat has issued an important security advisory (RHSA-2026:3839) with updated packages for Red Hat Enterprise Linux 9 on multiple architectures to address these issues.
Potential Impact
The vulnerabilities can cause denial of service conditions through excessive resource consumption or memory exhaustion, potentially impacting the availability of systems using the image-builder tool. The unexpected session resumption in TLS could affect the security of TLS sessions, though specific impact details are not provided. No known exploits in the wild have been reported. The overall security impact is rated as Important by Red Hat.
Mitigation Recommendations
Red Hat has released updated image-builder packages for Red Hat Enterprise Linux 9 that address these vulnerabilities. Users should apply these official updates as described in Red Hat advisory RHSA-2026:3839 and the linked update article (https://access.redhat.com/articles/11258). Since this is an on-premises product, patching is required by the user or administrator. Patch status is confirmed as available via the vendor advisory.
Red Hat Security Advisory: image-builder security update
Description
This advisory addresses multiple security vulnerabilities in the Red Hat image-builder tool, which is used to create customized OS artifacts such as VM images and OSTree commits. The vulnerabilities include a denial of service via crafted certificates (CVE-2025-61729), memory exhaustion during URL query parameter parsing (CVE-2025-61726), and unexpected session resumption in TLS (CVE-2025-68121). These issues affect Red Hat Enterprise Linux 9 across various architectures. Red Hat has released updated packages to fix these vulnerabilities. Users should apply the provided updates to mitigate the risks.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Red Hat image-builder utility, which leverages osbuild to create customized operating system artifacts, contains three security vulnerabilities: CVE-2025-61729 (a denial of service caused by excessive resource consumption via crafted certificates in crypto/x509), CVE-2025-61726 (memory exhaustion in query parameter parsing within the golang net/url package), and CVE-2025-68121 (unexpected session resumption in crypto/tls). These vulnerabilities can lead to resource exhaustion or unexpected TLS behavior. Red Hat has issued an important security advisory (RHSA-2026:3839) with updated packages for Red Hat Enterprise Linux 9 on multiple architectures to address these issues.
Potential Impact
The vulnerabilities can cause denial of service conditions through excessive resource consumption or memory exhaustion, potentially impacting the availability of systems using the image-builder tool. The unexpected session resumption in TLS could affect the security of TLS sessions, though specific impact details are not provided. No known exploits in the wild have been reported. The overall security impact is rated as Important by Red Hat.
Mitigation Recommendations
Red Hat has released updated image-builder packages for Red Hat Enterprise Linux 9 that address these vulnerabilities. Users should apply these official updates as described in Red Hat advisory RHSA-2026:3839 and the linked update article (https://access.redhat.com/articles/11258). Since this is an on-premises product, patching is required by the user or administrator. Patch status is confirmed as available via the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:3839
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-61729","CVE-2025-68121"]
- Cvss Version
- null
Threat ID: 6a160968e29bf47b5062e424
Added to database: 5/26/2026, 8:58:16 PM
Last enriched: 5/26/2026, 9:39:57 PM
Last updated: 5/27/2026, 4:56:42 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.