This advisory covers security fixes in Red Hat OpenShift Container Platform 4.15.58 for two out-of-bounds read vulnerabilities in libxml2: CVE-2025-32414 and CVE-2025-32415. Both issues involve improper memory access in libxml2 components, specifically including xmlSchemaIDCFillNodeTables. The update addresses these bugs by providing patched container images and RPM packages. The advisory applies to multiple architectures including x86_64, s390x, ppc64le, and aarch64. Red Hat rates the security impact as moderate and recommends upgrading to the fixed versions using the OpenShift CLI or web console. The vendor advisory does not provide a CVSS score but confirms the moderate severity and absence of known exploits.

The vulnerabilities involve out-of-bounds reads in the libxml2 library used within OpenShift Container Platform, which could lead to memory corruption or information disclosure under certain conditions. The security impact is rated moderate by Red Hat Product Security. There are no reports of active exploitation in the wild. The vulnerabilities affect multiple architectures and versions of OpenShift Container Platform 4.15. Users running affected versions are at risk until they apply the updates.

Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.15.58 that fix these vulnerabilities. Users should upgrade their OpenShift clusters to these updated versions as soon as they become available in their release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are available in Red Hat's official documentation. Since this is an official fix, applying the update fully mitigates the vulnerabilities. There are no indications that additional mitigations are required beyond applying the update.