Red Hat Security Advisory: OpenShift Container Platform 4.17.50 packages and security update
Red Hat OpenShift Container Platform 4. 17. 50 includes security updates addressing two vulnerabilities: CVE-2025-52881 in runc related to container escape and denial of service via arbitrary write gadgets and procfs write redirects, and CVE-2025-61726 in golang's net/url package causing memory exhaustion during query parameter parsing. These issues affect on-premise or private cloud deployments of OpenShift Container Platform 4. 17. Users are advised to upgrade to the updated packages and container images provided in this release to mitigate these vulnerabilities.
AI Analysis
Technical Summary
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.17.50 addressing two vulnerabilities. CVE-2025-52881 involves runc's opencontainers/selinux component, where arbitrary write gadgets and procfs write redirects can lead to container escape and denial of service. CVE-2025-61726 is a memory exhaustion vulnerability in the golang net/url package during query parameter parsing. The update includes RPM packages and container images to remediate these issues. The vendor rates the update as important and recommends upgrading via the OpenShift CLI or web console following official upgrade documentation.
Potential Impact
The vulnerabilities could allow an attacker to escape container isolation and cause denial of service (CVE-2025-52881) or trigger memory exhaustion in URL parsing (CVE-2025-61726). These impacts affect the security and stability of OpenShift Container Platform 4.17 deployments. No known exploits in the wild have been reported. The vendor classifies the security impact as important, indicating a high severity but not critical.
Mitigation Recommendations
Red Hat has released updated packages and container images in OpenShift Container Platform 4.17.50 that fix these vulnerabilities. Users should upgrade to these updated packages and images as soon as they are available in their release channel. Upgrades can be performed using the OpenShift CLI (oc) or web console following the official Red Hat upgrade documentation. No additional mitigation steps are indicated by the vendor beyond applying these updates.
Red Hat Security Advisory: OpenShift Container Platform 4.17.50 packages and security update
Description
Red Hat OpenShift Container Platform 4. 17. 50 includes security updates addressing two vulnerabilities: CVE-2025-52881 in runc related to container escape and denial of service via arbitrary write gadgets and procfs write redirects, and CVE-2025-61726 in golang's net/url package causing memory exhaustion during query parameter parsing. These issues affect on-premise or private cloud deployments of OpenShift Container Platform 4. 17. Users are advised to upgrade to the updated packages and container images provided in this release to mitigate these vulnerabilities.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.17.50 addressing two vulnerabilities. CVE-2025-52881 involves runc's opencontainers/selinux component, where arbitrary write gadgets and procfs write redirects can lead to container escape and denial of service. CVE-2025-61726 is a memory exhaustion vulnerability in the golang net/url package during query parameter parsing. The update includes RPM packages and container images to remediate these issues. The vendor rates the update as important and recommends upgrading via the OpenShift CLI or web console following official upgrade documentation.
Potential Impact
The vulnerabilities could allow an attacker to escape container isolation and cause denial of service (CVE-2025-52881) or trigger memory exhaustion in URL parsing (CVE-2025-61726). These impacts affect the security and stability of OpenShift Container Platform 4.17 deployments. No known exploits in the wild have been reported. The vendor classifies the security impact as important, indicating a high severity but not critical.
Mitigation Recommendations
Red Hat has released updated packages and container images in OpenShift Container Platform 4.17.50 that fix these vulnerabilities. Users should upgrade to these updated packages and images as soon as they are available in their release channel. Upgrades can be performed using the OpenShift CLI (oc) or web console following the official Red Hat upgrade documentation. No additional mitigation steps are indicated by the vendor beyond applying these updates.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:3416
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-61726"]
- Cvss Version
- null
Threat ID: 6a16096ae29bf47b50630c03
Added to database: 5/26/2026, 8:58:18 PM
Last enriched: 5/26/2026, 9:43:28 PM
Last updated: 5/27/2026, 5:04:05 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.