This advisory covers security updates in Red Hat OpenShift Container Platform 4.15.48 that fix three vulnerabilities: CVE-2024-53197 addresses potential out-of-bound memory accesses in the kernel ALSA usb-audio driver for Extigy and Mbox devices; CVE-2024-56171 is a use-after-free vulnerability in libxml2; and CVE-2025-24928 is a stack-based buffer overflow in libxml2's xmlSnprintfElements function. The update includes new container images and RPM packages. Red Hat recommends all OpenShift Container Platform 4.15 users upgrade to these updated versions to mitigate these issues. The advisory does not provide CVSS scores but rates the update as important. No known exploits in the wild have been reported. The update applies to multiple architectures including x86_64, s390x, ppc64le, and aarch64.

The vulnerabilities fixed in this update could potentially allow memory corruption issues such as out-of-bound accesses, use-after-free, and buffer overflow, which may lead to application crashes or other unintended behavior. Red Hat rates the security impact as important. No known active exploitation has been reported. The issues affect core components used in OpenShift Container Platform 4.15 deployments, potentially impacting system stability and security if left unpatched.

Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.15.48 that address these vulnerabilities. Users should upgrade to these updated packages and images as soon as they become available in their release channels. Upgrades can be performed using the OpenShift CLI (oc) or web console. Detailed upgrade instructions are provided by Red Hat at https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html-single/updating_clusters/index#updating-cluster-cli. Since this is an official security update, applying the vendor-provided fix fully mitigates the vulnerabilities.