Red Hat OpenShift Service Mesh Flaws Expose Kiali to Denial of Service
Red Hat OpenShift Service Mesh was the subject of two dCERT security advisories: a broader notice covering multiple vulnerabilities in the product, and a follow-on advisory identifying a denial-of-service flaw in Kiali, the observability and management console bundled with the mesh. Together they point to exposure in both the core platform and its management tooling.
Organizations running OpenShift Service Mesh should review Red Hat's guidance and assess exposure wherever Kiali is enabled. Kiali sits outside the data path, so a successful denial of service degrades visibility and management of mesh traffic rather than the traffic itself; an operator left blind to the mesh during an incident is still a material loss, and a Kiali route reachable by more than cluster administrators widens the attack surface. Both notices call for prompt patching and for verifying that the updated Service Mesh components are actually the ones running.
Timeline
Feb 24, 2026
dCERT publishes Kiali DoS vulnerability advisory for OpenShift Service Mesh
dCERT published Advisory 2026-0472 for Red Hat OpenShift Service Mesh, stating that a vulnerability in Kiali could allow denial of service. No additional exploit or remediation details are included in the reference.
Jan 1, 2026
dCERT publishes advisory on multiple Red Hat OpenShift Service Mesh vulnerabilities
dCERT published Advisory 2025-2592 covering multiple vulnerabilities affecting Red Hat OpenShift Service Mesh. The reference does not provide further technical details or a separate disclosure date beyond publication.
Related Stories

Red Hat OpenShift AI flaws exposed cross-namespace Llama services and service account tokens
Red Hat disclosed two high-severity vulnerabilities in OpenShift AI that could let authenticated attackers access other tenants’ resources and sensitive Kubernetes credentials. **CVE-2025-12805** affects the `llama-stack-operator`, where a missing `NetworkPolicy` left the Llama Stack service endpoint reachable across namespaces. Red Hat said a user in one namespace could directly access another user’s Llama Stack instance and potentially view or manipulate sensitive data, with the issue tracked under **CWE-653** and rated `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N`. A second flaw, **CVE-2026-5483**, impacts the `odh-dashboard` component and can expose Kubernetes Service Account tokens through a Node.js endpoint. Red Hat warned that disclosure of those tokens could enable unauthorized access to Kubernetes resources; the issue is mapped to **CWE-201** and carries the vector `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H`. Red Hat published CVE records, Bugzilla entries, and errata references for both vulnerabilities, highlighting risks to confidentiality and integrity in multi-tenant OpenShift AI deployments.
3 weeks ago
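The cross-namespace exposure described for CVE-2025-12805 is the kind of gap a namespace-scoped NetworkPolicy closes. The manifest below is an added example, not code from Red Hat or the llama-stack-operator project; the namespace `tenant-a` and the pod label `app.kubernetes.io/name: llama-stack` are assumptions for illustration, so substitute the labels the operator actually applies in your cluster.

```yaml
# Added example, not Red Hat's or the llama-stack-operator's own manifest.
# Assumptions: the tenant's namespace is "tenant-a" and Llama Stack server
# pods carry the label app.kubernetes.io/name: llama-stack.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: llama-stack-same-namespace-only
  namespace: tenant-a
spec:
  # Only pods matching this selector are governed by the policy.
  podSelector:
    matchLabels:
      app.kubernetes.io/name: llama-stack
  policyTypes:
    - Ingress
  ingress:
    # An empty podSelector with no namespaceSelector matches every pod in the
    # policy's own namespace and nothing outside it. Because an Ingress policy
    # now selects these pods, any ingress not listed here is denied.
    - from:
        - podSelector: {}
```

Apply it with `kubectl apply -f` and confirm with `kubectl get networkpolicy -n tenant-a`; then probe from a pod in a different namespace to check that the connection is refused rather than answered. Enforcement depends on the cluster CNI honouring NetworkPolicy, which OpenShift's default OVN-Kubernetes does. If a component in another namespace legitimately needs to reach the server, add a second `from` entry with an explicit `namespaceSelector` rather than loosening this one.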
Multiple Vulnerabilities Disclosed in Red Hat OpenShift Pipelines and Fulcio Component
Red Hat OpenShift Pipelines was the subject of multiple security advisories, including one affecting the **Fulcio** component used by the OpenShift Pipelines Operator. One disclosed flaw was reported to allow **denial of service**, raising the risk of service disruption in environments that rely on the operator’s signing and pipeline-related functionality. A later advisory reported **multiple vulnerabilities** in Red Hat OpenShift Pipelines, indicating broader security exposure beyond the previously disclosed Fulcio issue. Organizations running OpenShift Pipelines should review the affected product versions, assess exposure across pipeline and operator deployments, and prioritize vendor-recommended updates or mitigations to reduce the risk of disruption or further compromise.
1 week ago
Critical OpenShift and OpenSSH Flaws Expose Linux Systems to Root Access
Authorities warned that **Red Hat OpenShift Container Platform 4** contains two high-severity vulnerabilities that can lead to code execution and node takeover in enterprise container environments. `CVE-2024-45496` in `ose-openshift-controller-manager-container` carries a **CVSS 9.9** rating and can allow arbitrary code execution on an OpenShift node when a user with developer-level access exploits insufficient restrictions on elevated privileges. `CVE-2024-7387` in `openshift4/ose-docker-builder`, rated **CVSS 9.1**, can enable arbitrary command execution on an OpenShift node and may allow privilege escalation and full control of the affected node. At the time of the alert, mitigations were available but vendor patches had not yet been released. A separate alert highlighted the **regreSSHion** flaw in **OpenSSH**, which can give an attacker unrestricted root-level access on vulnerable Linux and FreeBSD-based systems. The issue affects OpenSSH versions from `8.5p1` up to but not including `9.8p1`, as well as versions earlier than `4.4p1`; OpenBSD-based systems were reported as not vulnerable. Successful exploitation has been confirmed on systems using **glibc**, while systems using **musl libc** were reported as not vulnerable, and the attack currently requires repeated attempts over hours or days. A fix is available in **OpenSSH `9.8p1`**, though some distributors have backported the patch, meaning package version numbers alone may not reliably indicate exposure.
1 week ago