Red Hat Security Advisory: OpenShift Container Platform 4.12.84 packages and security update
Red Hat OpenShift Container Platform 4. 12. 84 includes updates addressing three security vulnerabilities related to container escape issues in the runc component. These vulnerabilities involve mount race conditions, malicious configuration exploitation, and arbitrary write gadgets leading to container escape and denial of service. The vendor rates the security impact of these issues as low despite the high severity classification in the advisory metadata. No known exploits are reported in the wild. Users of OpenShift Container Platform 4. 12 are advised to upgrade to the updated packages and images when available through official release channels.
AI Analysis
Technical Summary
This advisory covers security updates for Red Hat OpenShift Container Platform 4.12.84 that fix three vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) in the runc container runtime. The issues include container escape via mount race conditions, exploitation of /dev/console mounts with malicious configurations, and arbitrary write operations leading to container escape and denial of service. The update includes RPM packages and container images to remediate these issues. The vendor rates the security impact as low and no CVSS scores are provided in the advisory. Users should upgrade using the OpenShift CLI or web console following official upgrade instructions.
Potential Impact
The vulnerabilities allow potential container escape and denial of service due to race conditions and malicious configurations in the runc runtime. While the advisory metadata classifies the severity as high, Red Hat Product Security rates the security impact as low. There are no known exploits in the wild at this time. Successful exploitation could affect container isolation integrity within OpenShift Container Platform 4.12 deployments.
Mitigation Recommendations
Red Hat has released updated RPM packages and container images for OpenShift Container Platform 4.12.84 that address these vulnerabilities. Users are advised to upgrade to these updated packages and images as soon as they are available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or web console following the official cluster upgrade documentation. Patch status is confirmed by the vendor advisory, and applying these updates fully mitigates the vulnerabilities.
Red Hat Security Advisory: OpenShift Container Platform 4.12.84 packages and security update
Description
Red Hat OpenShift Container Platform 4. 12. 84 includes updates addressing three security vulnerabilities related to container escape issues in the runc component. These vulnerabilities involve mount race conditions, malicious configuration exploitation, and arbitrary write gadgets leading to container escape and denial of service. The vendor rates the security impact of these issues as low despite the high severity classification in the advisory metadata. No known exploits are reported in the wild. Users of OpenShift Container Platform 4. 12 are advised to upgrade to the updated packages and images when available through official release channels.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security updates for Red Hat OpenShift Container Platform 4.12.84 that fix three vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) in the runc container runtime. The issues include container escape via mount race conditions, exploitation of /dev/console mounts with malicious configurations, and arbitrary write operations leading to container escape and denial of service. The update includes RPM packages and container images to remediate these issues. The vendor rates the security impact as low and no CVSS scores are provided in the advisory. Users should upgrade using the OpenShift CLI or web console following official upgrade instructions.
Potential Impact
The vulnerabilities allow potential container escape and denial of service due to race conditions and malicious configurations in the runc runtime. While the advisory metadata classifies the severity as high, Red Hat Product Security rates the security impact as low. There are no known exploits in the wild at this time. Successful exploitation could affect container isolation integrity within OpenShift Container Platform 4.12 deployments.
Mitigation Recommendations
Red Hat has released updated RPM packages and container images for OpenShift Container Platform 4.12.84 that address these vulnerabilities. Users are advised to upgrade to these updated packages and images as soon as they are available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or web console following the official cluster upgrade documentation. Patch status is confirmed by the vendor advisory, and applying these updates fully mitigates the vulnerabilities.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:0315
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-52565","CVE-2025-52881"]
- Cvss Version
- null
Threat ID: 6a160970e29bf47b50637ca3
Added to database: 5/26/2026, 8:58:24 PM
Last enriched: 5/27/2026, 12:50:39 AM
Last updated: 5/27/2026, 4:48:15 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.