Red Hat Security Advisory: OpenShift Container Platform 4.16.40 bug fix and security update
Red Hat OpenShift Container Platform 4. 16. 40 includes important security updates addressing use-after-free vulnerabilities in the libxslt library (CVE-2024-55549 and CVE-2025-24855). These vulnerabilities relate to memory management issues in libxslt functions xsltGetInheritedNsList and numbers. c. The update is recommended for all OpenShift Container Platform 4. 16 users to mitigate potential security risks. Instructions and updated container images are available through Red Hat's official release channels and documentation.
AI Analysis
Technical Summary
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.16.40, specifically addressing use-after-free vulnerabilities in the libxslt library. The vulnerabilities (CVE-2024-55549 and CVE-2025-24855) involve improper memory handling in libxslt functions xsltGetInheritedNsList and numbers.c, which could lead to security issues. The update includes new container images and RPM packages to remediate these flaws. Users of OpenShift Container Platform 4.16 are advised to upgrade using the OpenShift CLI or web console following Red Hat's upgrade documentation.
Potential Impact
The vulnerabilities involve use-after-free conditions in libxslt, which can lead to memory corruption and potentially allow attackers to cause application crashes or execute arbitrary code. Red Hat rates the security impact as important, indicating a high severity level. There are no known exploits in the wild at this time. The vulnerabilities affect multiple architectures supported by OpenShift Container Platform 4.16.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages as part of OpenShift Container Platform 4.16.40 to fix these vulnerabilities. All users of OpenShift Container Platform 4.16 should upgrade to these updated packages and images as soon as they are available in the appropriate release channel. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are provided in Red Hat's official documentation. Patch status is confirmed as available and remediation is official.
Red Hat Security Advisory: OpenShift Container Platform 4.16.40 bug fix and security update
Description
Red Hat OpenShift Container Platform 4. 16. 40 includes important security updates addressing use-after-free vulnerabilities in the libxslt library (CVE-2024-55549 and CVE-2025-24855). These vulnerabilities relate to memory management issues in libxslt functions xsltGetInheritedNsList and numbers. c. The update is recommended for all OpenShift Container Platform 4. 16 users to mitigate potential security risks. Instructions and updated container images are available through Red Hat's official release channels and documentation.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.16.40, specifically addressing use-after-free vulnerabilities in the libxslt library. The vulnerabilities (CVE-2024-55549 and CVE-2025-24855) involve improper memory handling in libxslt functions xsltGetInheritedNsList and numbers.c, which could lead to security issues. The update includes new container images and RPM packages to remediate these flaws. Users of OpenShift Container Platform 4.16 are advised to upgrade using the OpenShift CLI or web console following Red Hat's upgrade documentation.
Potential Impact
The vulnerabilities involve use-after-free conditions in libxslt, which can lead to memory corruption and potentially allow attackers to cause application crashes or execute arbitrary code. Red Hat rates the security impact as important, indicating a high severity level. There are no known exploits in the wild at this time. The vulnerabilities affect multiple architectures supported by OpenShift Container Platform 4.16.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages as part of OpenShift Container Platform 4.16.40 to fix these vulnerabilities. All users of OpenShift Container Platform 4.16 should upgrade to these updated packages and images as soon as they are available in the appropriate release channel. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are provided in Red Hat's official documentation. Patch status is confirmed as available and remediation is official.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:4731
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-22869","CVE-2025-24855"]
- Cvss Version
- null
Threat ID: 6a160972e29bf47b5063a3c9
Added to database: 5/26/2026, 8:58:26 PM
Last enriched: 5/27/2026, 12:36:08 AM
Last updated: 5/27/2026, 4:48:07 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.