This security advisory from Red Hat Product Security covers multiple vulnerabilities affecting Red Hat Ceph Storage container images. The affected images are based on ubi9 and Ceph 8.1. The advisory references three CVEs (CVE-2025-4598, CVE-2025-9714, CVE-2025-59375) associated with CWEs 364 (Race Condition), 606 (Unchecked Input for Loop Condition), and 770 (Allocation of Resources Without Limits or Throttling). The update involves new container images that incorporate fixes for these vulnerabilities. The vendor provides updated container images for various architectures (amd64, arm64, s390x, ppc64le) available from the Red Hat container registry. No CVSS score is provided, but the vendor rates the severity as high.

The vulnerabilities addressed in this advisory are rated high severity by Red Hat. They involve issues such as race conditions, unchecked input for loop conditions, and resource allocation without limits, which could potentially lead to denial of service or other impacts if exploited. However, there are no known exploits in the wild at the time of the advisory. The impact is limited to affected versions of Red Hat Ceph Storage container images prior to the update.

Red Hat has released updated container images that fix the vulnerabilities. Users should download and deploy the updated images from the Red Hat container registry using the "podman pull" command as specified in the advisory. Since this is not a cloud service, remediation is the responsibility of the user deploying these containers. Patch status is confirmed by the vendor advisory, indicating an official fix is available.