Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.2 release
Red Hat OpenShift distributed tracing platform (Jaeger) version 3. 5. 2 includes security improvements addressing three vulnerabilities identified as CVE-2025-7425, CVE-2025-8058, and CVE-2025-32415. The update does not introduce breaking changes, deprecations, or new features. These vulnerabilities relate to issues categorized under CWE-416 (Use After Free), CWE-415 (Double Free), and CWE-125 (Out-of-bounds Read). No known exploits are reported in the wild. The advisory provides guidance to update to version 3. 5. 2 to mitigate these issues. Patch status is confirmed as fixed in this release.
AI Analysis
Technical Summary
This security advisory from Red Hat Product Security announces the release of Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.2, which addresses three security vulnerabilities: CVE-2025-7425, CVE-2025-8058, and CVE-2025-32415. These vulnerabilities involve memory management errors such as use-after-free, double free, and out-of-bounds read conditions (CWE-416, CWE-415, CWE-125). The update provides security improvements without introducing breaking changes or new features. The vendor advisory confirms that upgrading to version 3.5.2 resolves these issues. No exploits are currently known in the wild, and the affected product versions include Red Hat OpenShift distributed tracing 3.5.1 and related container images. The advisory includes detailed references and instructions for applying the update.
Potential Impact
The vulnerabilities fixed in this release could potentially allow attackers to exploit memory corruption issues, which may lead to application crashes or other unintended behavior. However, no known exploits have been reported in the wild. The impact is rated as high severity by the vendor, reflecting the potential risk if these vulnerabilities were exploited.
Mitigation Recommendations
Red Hat has released version 3.5.2 of the OpenShift distributed tracing platform (Jaeger) which includes fixes for the identified vulnerabilities. Users should upgrade to this version following Red Hat's documented procedures for updating OpenShift operators. Since this is an official fix, applying the update fully mitigates the security issues. No additional mitigations are specified or required beyond applying the update.
Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.2 release
Description
Red Hat OpenShift distributed tracing platform (Jaeger) version 3. 5. 2 includes security improvements addressing three vulnerabilities identified as CVE-2025-7425, CVE-2025-8058, and CVE-2025-32415. The update does not introduce breaking changes, deprecations, or new features. These vulnerabilities relate to issues categorized under CWE-416 (Use After Free), CWE-415 (Double Free), and CWE-125 (Out-of-bounds Read). No known exploits are reported in the wild. The advisory provides guidance to update to version 3. 5. 2 to mitigate these issues. Patch status is confirmed as fixed in this release.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This security advisory from Red Hat Product Security announces the release of Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.2, which addresses three security vulnerabilities: CVE-2025-7425, CVE-2025-8058, and CVE-2025-32415. These vulnerabilities involve memory management errors such as use-after-free, double free, and out-of-bounds read conditions (CWE-416, CWE-415, CWE-125). The update provides security improvements without introducing breaking changes or new features. The vendor advisory confirms that upgrading to version 3.5.2 resolves these issues. No exploits are currently known in the wild, and the affected product versions include Red Hat OpenShift distributed tracing 3.5.1 and related container images. The advisory includes detailed references and instructions for applying the update.
Potential Impact
The vulnerabilities fixed in this release could potentially allow attackers to exploit memory corruption issues, which may lead to application crashes or other unintended behavior. However, no known exploits have been reported in the wild. The impact is rated as high severity by the vendor, reflecting the potential risk if these vulnerabilities were exploited.
Mitigation Recommendations
Red Hat has released version 3.5.2 of the OpenShift distributed tracing platform (Jaeger) which includes fixes for the identified vulnerabilities. Users should upgrade to this version following Red Hat's documented procedures for updating OpenShift operators. Since this is an official fix, applying the update fully mitigates the security issues. No additional mitigations are specified or required beyond applying the update.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:13622
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-8058","CVE-2025-32415"]
- Cvss Version
- null
Threat ID: 6a1f4e87e29bf47b5008038c
Added to database: 6/2/2026, 9:43:35 PM
Last enriched: 6/2/2026, 10:05:06 PM
Last updated: 6/3/2026, 5:06:36 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.