Red Hat Security Advisory: OpenShift Security Profiles Operator bug fix and enhancement update
Red Hat has released Security Profiles Operator version 0. 10. 0 for OpenShift, addressing multiple bugs and adding enhancements. This update fixes issues that caused pods to fail starting or running due to permission and mount errors. The advisory references two CVEs (CVE-2025-66506 and CVE-2025-66564) related to these bugs. No known exploits are reported in the wild. The update is classified as a high severity security advisory by Red Hat. Users should apply this update after ensuring all prior relevant errata are installed.
AI Analysis
Technical Summary
The OpenShift Security Profiles Operator v0.10.0 update resolves several bugs impacting pod startup and operation, including failures caused by permission errors and invalid arguments related to SELinux profile recording. The update addresses CVE-2025-66506 and CVE-2025-66564, which are linked to these operational issues. The advisory does not provide a CVSS score but classifies the issues as high severity. No known active exploitation has been reported. The update is available for Red Hat OpenShift Enterprise 4 and related components.
Potential Impact
The vulnerabilities cause operational failures in OpenShift Security Profiles Operator pods, potentially disrupting workload creation and pod startup due to permission and mount context errors. While no active exploitation is known, these issues could impact the security profile enforcement and stability of OpenShift clusters, potentially affecting compliance and security posture.
Mitigation Recommendations
An updated OpenShift Security Profiles Operator image (v0.10.0) is available that fixes the identified bugs and enhances functionality. Red Hat recommends applying this update after ensuring all previously released relevant errata are installed. Detailed update instructions are available in the Red Hat OpenShift documentation. No additional mitigation steps are indicated by the vendor.
Red Hat Security Advisory: OpenShift Security Profiles Operator bug fix and enhancement update
Description
Red Hat has released Security Profiles Operator version 0. 10. 0 for OpenShift, addressing multiple bugs and adding enhancements. This update fixes issues that caused pods to fail starting or running due to permission and mount errors. The advisory references two CVEs (CVE-2025-66506 and CVE-2025-66564) related to these bugs. No known exploits are reported in the wild. The update is classified as a high severity security advisory by Red Hat. Users should apply this update after ensuring all prior relevant errata are installed.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The OpenShift Security Profiles Operator v0.10.0 update resolves several bugs impacting pod startup and operation, including failures caused by permission errors and invalid arguments related to SELinux profile recording. The update addresses CVE-2025-66506 and CVE-2025-66564, which are linked to these operational issues. The advisory does not provide a CVSS score but classifies the issues as high severity. No known active exploitation has been reported. The update is available for Red Hat OpenShift Enterprise 4 and related components.
Potential Impact
The vulnerabilities cause operational failures in OpenShift Security Profiles Operator pods, potentially disrupting workload creation and pod startup due to permission and mount context errors. While no active exploitation is known, these issues could impact the security profile enforcement and stability of OpenShift clusters, potentially affecting compliance and security posture.
Mitigation Recommendations
An updated OpenShift Security Profiles Operator image (v0.10.0) is available that fixes the identified bugs and enhances functionality. Red Hat recommends applying this update after ensuring all previously released relevant errata are installed. Detailed update instructions are available in the Red Hat OpenShift documentation. No additional mitigation steps are indicated by the vendor.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:2852
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-66564"]
- Cvss Version
- null
Threat ID: 6a16096fe29bf47b50636fd0
Added to database: 5/26/2026, 8:58:23 PM
Last enriched: 5/27/2026, 1:03:55 AM
Last updated: 5/27/2026, 4:49:19 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.