Red Hat Security Advisory: lasso security update
A critical security vulnerability (CVE-2025-47151) affecting the lasso library used in Red Hat Enterprise Linux 8 has been addressed. The vulnerability is a type confusion issue in Entr'ouvert Lasso, which implements Liberty Alliance Single Sign-On standards including SAML and SAML2. Red Hat has released updated packages to fix this issue for multiple architectures and variants of Red Hat Enterprise Linux 8. The advisory provides detailed package updates and instructions for remediation.
AI Analysis
Technical Summary
The lasso library, which supports Liberty Alliance Single Sign-On standards such as SAML and SAML2, contains a type confusion vulnerability identified as CVE-2025-47151. This vulnerability could potentially impact the handling of SAML-based federations. Red Hat Product Security has rated this vulnerability as critical and has issued updated lasso packages for Red Hat Enterprise Linux 8 across various architectures. The advisory references a security update (RHSA-2025:21628) that addresses this issue by patching the affected packages.
Potential Impact
The vulnerability involves type confusion in the lasso library, which could lead to unexpected behavior or security issues in applications relying on SAML-based single sign-on functionality. The exact impact details and exploitation scenarios are not provided in the advisory. The issue is rated critical by Red Hat, indicating a significant security risk if unpatched.
Mitigation Recommendations
Red Hat has released updated lasso packages for Red Hat Enterprise Linux 8 that fix this vulnerability. Users should apply the security update RHSA-2025:21628 as detailed in the Red Hat advisory and article https://access.redhat.com/articles/11258. The update is available for multiple architectures including x86_64, s390x, ppc64le, and aarch64. Applying these official patches is the recommended remediation. No indication of alternative mitigations or workarounds is provided.
Red Hat Security Advisory: lasso security update
Description
A critical security vulnerability (CVE-2025-47151) affecting the lasso library used in Red Hat Enterprise Linux 8 has been addressed. The vulnerability is a type confusion issue in Entr'ouvert Lasso, which implements Liberty Alliance Single Sign-On standards including SAML and SAML2. Red Hat has released updated packages to fix this issue for multiple architectures and variants of Red Hat Enterprise Linux 8. The advisory provides detailed package updates and instructions for remediation.
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The lasso library, which supports Liberty Alliance Single Sign-On standards such as SAML and SAML2, contains a type confusion vulnerability identified as CVE-2025-47151. This vulnerability could potentially impact the handling of SAML-based federations. Red Hat Product Security has rated this vulnerability as critical and has issued updated lasso packages for Red Hat Enterprise Linux 8 across various architectures. The advisory references a security update (RHSA-2025:21628) that addresses this issue by patching the affected packages.
Potential Impact
The vulnerability involves type confusion in the lasso library, which could lead to unexpected behavior or security issues in applications relying on SAML-based single sign-on functionality. The exact impact details and exploitation scenarios are not provided in the advisory. The issue is rated critical by Red Hat, indicating a significant security risk if unpatched.
Mitigation Recommendations
Red Hat has released updated lasso packages for Red Hat Enterprise Linux 8 that fix this vulnerability. Users should apply the security update RHSA-2025:21628 as detailed in the Red Hat advisory and article https://access.redhat.com/articles/11258. The update is available for multiple architectures including x86_64, s390x, ppc64le, and aarch64. Applying these official patches is the recommended remediation. No indication of alternative mitigations or workarounds is provided.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:21628
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a3da1dc4853345fc1829a1f
Added to database: 06/25/2026, 21:47:08 UTC
Last enriched: 06/25/2026, 22:21:45 UTC
Last updated: 06/25/2026, 22:21:45 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.