Red Hat issued a security advisory (RHSA-2026:7385) for Red Hat Hardened Images RPMs that includes fixes and enhancements addressing a collection of 37 CVEs, including CVE-2025-22873. The vulnerabilities span multiple categories such as CWE-22 (Path Traversal), CWE-400 (Resource Exhaustion), CWE-476 (NULL Pointer Dereference), and others. The advisory references an update available for the affected RPM packages on Red Hat Hardened Images, including specific architectures like aarch64. While no explicit patch links are provided in the input, the vendor advisory directs users to Red Hat's image update site for applying the update. No active exploitation has been reported.

The vulnerabilities addressed are of high severity and cover a wide range of potential security issues that could affect the integrity, availability, or security posture of systems running Red Hat Hardened Images RPMs. The exact impact depends on the specific CVE and underlying weakness but collectively represent significant risk if unpatched. No known exploits in the wild have been reported, reducing immediate risk but underscoring the importance of applying the update.

Red Hat has released an update for the Red Hat Hardened Images RPMs that includes fixes for the identified vulnerabilities. Users should apply the update as detailed in the official advisory at https://images.redhat.com/. Since this is an official vendor update, applying it is the recommended remediation. Patch status is effectively confirmed by the availability of this update. No additional mitigation steps are indicated by the vendor advisory.