Red Hat Security Advisory: OpenShift Container Platform 4.14.63 packages and security update
Red Hat OpenShift Container Platform 4. 14. 63 includes a security update addressing a vulnerability in the golang archive/tar package (CVE-2025-58183) involving unbounded memory allocation when parsing GNU sparse maps. This issue could potentially lead to resource exhaustion. The update is rated as having moderate security impact. Users of OpenShift Container Platform 4. 14 are advised to upgrade to the updated packages and container images when available through official release channels. Detailed upgrade instructions are provided by Red Hat. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
This advisory addresses a vulnerability (CVE-2025-58183) in the golang archive/tar package used within Red Hat OpenShift Container Platform 4.14. The flaw involves unbounded memory allocation when parsing GNU sparse map files, which could lead to excessive resource consumption. The update is included in OpenShift Container Platform 4.14.63 RPM packages and container images. Red Hat has rated the security impact as moderate and recommends upgrading to these updated packages. The advisory provides links to official errata and upgrade documentation for cluster administrators.
Potential Impact
The vulnerability allows unbounded memory allocation during the parsing of GNU sparse maps in the golang archive/tar package, potentially causing resource exhaustion. This could affect the stability or availability of affected OpenShift Container Platform deployments. No evidence of active exploitation is reported. The impact is rated moderate by Red Hat Product Security.
Mitigation Recommendations
A security update is available in Red Hat OpenShift Container Platform 4.14.63 packages and container images. Users should upgrade their OpenShift clusters to these updated versions via the OpenShift CLI or web console following Red Hat's official upgrade documentation. No additional mitigations are specified or required beyond applying the update.
Red Hat Security Advisory: OpenShift Container Platform 4.14.63 packages and security update
Description
Red Hat OpenShift Container Platform 4. 14. 63 includes a security update addressing a vulnerability in the golang archive/tar package (CVE-2025-58183) involving unbounded memory allocation when parsing GNU sparse maps. This issue could potentially lead to resource exhaustion. The update is rated as having moderate security impact. Users of OpenShift Container Platform 4. 14 are advised to upgrade to the updated packages and container images when available through official release channels. Detailed upgrade instructions are provided by Red Hat. No known exploits are reported in the wild at this time.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory addresses a vulnerability (CVE-2025-58183) in the golang archive/tar package used within Red Hat OpenShift Container Platform 4.14. The flaw involves unbounded memory allocation when parsing GNU sparse map files, which could lead to excessive resource consumption. The update is included in OpenShift Container Platform 4.14.63 RPM packages and container images. Red Hat has rated the security impact as moderate and recommends upgrading to these updated packages. The advisory provides links to official errata and upgrade documentation for cluster administrators.
Potential Impact
The vulnerability allows unbounded memory allocation during the parsing of GNU sparse maps in the golang archive/tar package, potentially causing resource exhaustion. This could affect the stability or availability of affected OpenShift Container Platform deployments. No evidence of active exploitation is reported. The impact is rated moderate by Red Hat Product Security.
Mitigation Recommendations
A security update is available in Red Hat OpenShift Container Platform 4.14.63 packages and container images. Users should upgrade their OpenShift clusters to these updated versions via the OpenShift CLI or web console following Red Hat's official upgrade documentation. No additional mitigations are specified or required beyond applying the update.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:5086
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a160976e29bf47b506411aa
Added to database: 5/26/2026, 8:58:30 PM
Last enriched: 5/26/2026, 10:11:26 PM
Last updated: 5/27/2026, 4:52:56 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.