This advisory covers a security update for Red Hat OpenShift Data Foundation version 4.20.9 that addresses five vulnerabilities: CVE-2024-5042, CVE-2025-22870, CVE-2025-47913, CVE-2025-47914, and CVE-2025-58181. The vulnerabilities relate to issues categorized under CWE-250 (Execution with Unnecessary Privileges), CWE-20 (Improper Input Validation), CWE-125 (Out-of-bounds Read), and CWE-770 (Allocation of Resources Without Limits or Throttling). The update includes security fixes, enhancements, and bug fixes but does not specify individual vulnerability details or CVSS metrics. The vendor advisory (RHSA-2026:6503) recommends applying this update after prior errata are installed.

The vulnerabilities addressed are considered high severity by Red Hat, indicating significant potential impact if exploited. However, no known exploits in the wild have been reported. The affected product is Red Hat OpenShift Data Foundation 4.20.9 and related components. The impact includes potential risks associated with privilege misuse, improper input validation, out-of-bounds memory access, and resource allocation issues, which could affect system stability or security if left unpatched.

Red Hat has released the OpenShift Data Foundation 4.20.9 update containing security fixes for the identified vulnerabilities. Users should apply this update promptly after ensuring all previously released relevant errata have been applied. Detailed update instructions are available in Red Hat's official documentation. No indication is given that the vulnerabilities are already mitigated or require no action; therefore, applying the update is the recommended remediation. Since this is not a cloud service, remediation is managed by the user applying the update.