This advisory covers Red Hat OpenShift Container Platform 4.18.27, which addresses six security vulnerabilities across multiple components. The issues include a double free vulnerability in libarchive, cache poisoning in unbound DNS resolver, integer truncation in SQLite, a potential host file overwrite via podman kube play command, and two denial of service vulnerabilities in libxml caused by heap use after free and type confusion. The update is distributed as container images and RPM packages, with instructions for upgrading clusters via OpenShift CLI or web console. The vendor classifies the update as having an Important security impact and strongly recommends applying the fixes to affected OpenShift Container Platform 4.18 deployments.

The vulnerabilities fixed in this release could lead to memory corruption (double free), cache poisoning, integer truncation errors, potential overwriting of host files, and denial of service conditions. These issues may impact the stability and security of OpenShift Container Platform environments, potentially allowing attackers to disrupt services or corrupt data. However, no known exploits in the wild have been reported at this time. The overall security impact is rated Important by Red Hat.

Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.18.27 that address these vulnerabilities. All users of OpenShift Container Platform 4.18 are advised to upgrade to these updated packages and images as soon as they are available in their respective release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are available in the official Red Hat documentation. Since this is an on-premise/private cloud deployment product, remediation is managed by the user applying the vendor-provided updates.