This advisory covers security fixes in Red Hat OpenShift Container Platform 4.19.9 for two Git-related vulnerabilities: CVE-2025-48384 (arbitrary code execution) and CVE-2025-48385 (arbitrary file writes). These vulnerabilities affect the Git component used within OpenShift, potentially allowing malicious code execution or unauthorized file modifications. The update includes new container images and RPM packages that address these issues. Red Hat recommends all users running OpenShift Container Platform 4.19 to upgrade to these updated packages and images available through their release channels. The advisory references detailed upgrade documentation and image digests for multiple architectures. The severity is rated as Important by Red Hat, and no CVSS score is provided.

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or write files within the OpenShift Container Platform environment via Git operations. This could lead to unauthorized actions or compromise of the platform. However, no known exploits in the wild have been reported. The update mitigates these risks by fixing the underlying Git vulnerabilities.

Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.19.9 that fix these vulnerabilities. Users should upgrade to these updated versions as soon as they are available in their release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are provided by Red Hat at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/updating_clusters/index#updating-cluster-cli. Since this is an official fix, applying the update fully mitigates the vulnerabilities.