VDB
RHSA-2025%3A0832
RHSA-2025%3A0832
PUBLISHED
CVSS 7.800000190734863 HIGH
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64 |
| Red Hat | openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64, openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64, * |
| Red Hat | openshift4/ose-nutanix-machine-controllers-rhel8@sha256:2c753982551504bf5177f83d537b47a5239a4368f45fe1e025102c23e38681e8_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-nutanix-machine-controllers-rhel8@sha256:2c753982551504bf5177f83d537b47a5239a4368f45fe1e025102c23e38681e8_amd64, openshift4/ose-nutanix-machine-controllers-rhel8@sha256:2c753982551504bf5177f83d537b47a5239a4368f45fe1e025102c23e38681e8_amd64, openshift4/ose-nutanix-machine-controllers-rhel8@sha256:2c753982551504bf5177f83d537b47a5239a4368f45fe1e025102c23e38681e8_amd64 |
| Red Hat | openshift4/ose-operator-lifecycle-manager@sha256:2a3c3dbbcdbcb06fcf6cfcfbd7c8814348732171af789a08c56c34df88884b82_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-operator-lifecycle-manager@sha256:2a3c3dbbcdbcb06fcf6cfcfbd7c8814348732171af789a08c56c34df88884b82_amd64, *, * |
| Red Hat | openshift4/ose-installer@sha256:88c983b01cff2ee2fb3a9fe2ab3f04b3aad9288734426046f365b9092d302929_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-installer@sha256:88c983b01cff2ee2fb3a9fe2ab3f04b3aad9288734426046f365b9092d302929_amd64, openshift4/ose-installer@sha256:88c983b01cff2ee2fb3a9fe2ab3f04b3aad9288734426046f365b9092d302929_amd64, openshift4/ose-installer@sha256:88c983b01cff2ee2fb3a9fe2ab3f04b3aad9288734426046f365b9092d302929_amd64 |
| Red Hat | openshift4/ose-baremetal-machine-controllers@sha256:4dae70d81c731a9fcf182d5319fd43cfcededdbdc7385a18400ca86bc2b7d92f_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64, openshift4/oc-mirror-plugin-rhel8@sha256:6b3b209bac78e19a10cae1a695ef9eda467d63267408807d6d17ce29330331e4_amd64, * |
| Red Hat | openshift4/ose-cluster-version-operator@sha256:0107d7cca7e45386e05c715b6c7d23974c69f2132a86cffdbc22f902cff93d4e_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-version-operator@sha256:0107d7cca7e45386e05c715b6c7d23974c69f2132a86cffdbc22f902cff93d4e_amd64, openshift4/ose-cluster-version-operator@sha256:0107d7cca7e45386e05c715b6c7d23974c69f2132a86cffdbc22f902cff93d4e_amd64, openshift4/ose-cluster-version-operator@sha256:0107d7cca7e45386e05c715b6c7d23974c69f2132a86cffdbc22f902cff93d4e_amd64 |
| Red Hat | rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64 as a component of Red Hat OpenShift Container Platform 4.12 | rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64, rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64, rhcos@sha256:e2715538db20b6d971b16b7c52d2137113aefc4830440cb257e570cc31b4de86_x86_64 |
| Red Hat | openshift4/ose-nutanix-machine-controllers-rhel8@sha256:2c753982551504bf5177f83d537b47a5239a4368f45fe1e025102c23e38681e8_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | openshift4/ose-docker-builder@sha256:b2c7f40116d217c3b39a38e53988dd72aeb32c7250cd9a8c1125686485ef887c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-docker-builder@sha256:b2c7f40116d217c3b39a38e53988dd72aeb32c7250cd9a8c1125686485ef887c_amd64, *, * |
| Red Hat | openshift4/ose-operator-lifecycle-manager@sha256:2a3c3dbbcdbcb06fcf6cfcfbd7c8814348732171af789a08c56c34df88884b82_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-operator-lifecycle-manager@sha256:2a3c3dbbcdbcb06fcf6cfcfbd7c8814348732171af789a08c56c34df88884b82_amd64, *, openshift4/ose-operator-lifecycle-manager@sha256:2a3c3dbbcdbcb06fcf6cfcfbd7c8814348732171af789a08c56c34df88884b82_amd64 |
| Red Hat | openshift4/ose-operator-registry@sha256:4ed8196c1caa5101001b302818cb74068db130a3850a5b9c9d219223e00a7c44_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-operator-registry@sha256:4ed8196c1caa5101001b302818cb74068db130a3850a5b9c9d219223e00a7c44_amd64, openshift4/ose-operator-registry@sha256:4ed8196c1caa5101001b302818cb74068db130a3850a5b9c9d219223e00a7c44_amd64, openshift4/ose-operator-registry@sha256:4ed8196c1caa5101001b302818cb74068db130a3850a5b9c9d219223e00a7c44_amd64 |
| Red Hat | openshift4/ose-ironic-rhel9@sha256:86b1d13fe787b8c1f22dd0ccd7af3c8f99b0dc0baa9a7dc9f627cb9609eef770_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-ironic-rhel9@sha256:86b1d13fe787b8c1f22dd0ccd7af3c8f99b0dc0baa9a7dc9f627cb9609eef770_amd64, openshift4/ose-ironic-rhel9@sha256:86b1d13fe787b8c1f22dd0ccd7af3c8f99b0dc0baa9a7dc9f627cb9609eef770_amd64 |
| Red Hat | openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:1890b1da10883d2995bd2585647d126d146f49732442ef0bd22d69d41a6ee56b_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:1890b1da10883d2995bd2585647d126d146f49732442ef0bd22d69d41a6ee56b_amd64, openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:1890b1da10883d2995bd2585647d126d146f49732442ef0bd22d69d41a6ee56b_amd64, * |
| Red Hat | openshift4/ose-kuryr-cni-rhel8@sha256:935d855e895729b572b4a8b312704cec4a215e1aea6201ebc7f3241d85f0029c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-kuryr-cni-rhel8@sha256:935d855e895729b572b4a8b312704cec4a215e1aea6201ebc7f3241d85f0029c_amd64 |
| Red Hat | openshift4/ose-docker-builder@sha256:b2c7f40116d217c3b39a38e53988dd72aeb32c7250cd9a8c1125686485ef887c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-docker-builder@sha256:b2c7f40116d217c3b39a38e53988dd72aeb32c7250cd9a8c1125686485ef887c_amd64, * |
| Red Hat | openshift4/ose-kuryr-controller-rhel8@sha256:93727bc97db674dc84a35ea3ae1ccd35c50fac9bd997500aa0ecd07e5dfafc25_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-kuryr-controller-rhel8@sha256:93727bc97db674dc84a35ea3ae1ccd35c50fac9bd997500aa0ecd07e5dfafc25_amd64, openshift4/ose-kuryr-controller-rhel8@sha256:93727bc97db674dc84a35ea3ae1ccd35c50fac9bd997500aa0ecd07e5dfafc25_amd64, openshift4/ose-kuryr-controller-rhel8@sha256:93727bc97db674dc84a35ea3ae1ccd35c50fac9bd997500aa0ecd07e5dfafc25_amd64 |
| Red Hat | openshift4/ose-openshift-apiserver-rhel8@sha256:2b51f7a6b335445ccead3e05a3ea052f603d7687c29e4ab0a9d33a9442af8af5_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-openshift-apiserver-rhel8@sha256:2b51f7a6b335445ccead3e05a3ea052f603d7687c29e4ab0a9d33a9442af8af5_amd64, * |
| Red Hat | openshift4/ose-docker-builder@sha256:b2c7f40116d217c3b39a38e53988dd72aeb32c7250cd9a8c1125686485ef887c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 |
…and 18 more
Timeline
- Feb 6, 2025 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Jul 5, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:0832 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2243296 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268273 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2276518 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2333122 issue
- https://issues.redhat.com/browse/OCPBUGS-45333 advisory
- https://issues.redhat.com/browse/OCPBUGS-47544 advisory
- https://issues.redhat.com/browse/OCPBUGS-47644 advisory
- https://issues.redhat.com/browse/OCPBUGS-48325 advisory
- https://issues.redhat.com/browse/OCPBUGS-48549 advisory
- https://issues.redhat.com/browse/OCPBUGS-48568 advisory
- https://issues.redhat.com/browse/OCPBUGS-49345 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0832.json advisory
- https://access.redhat.com/security/cve/CVE-2023-6597 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-6597 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-6597 advisory
- https://access.redhat.com/security/cve/CVE-2023-39325 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-39325 advisory
…and 18 more