Red Hat Product Errata RHSA-2025:13671 - Security Advisory
Issued:
2025-08-12
Updated:
2025-08-12

RHSA-2025:13671 - Security Advisory

Synopsis

Moderate: Updated 7.1 container image is now available in the Red Hat Ecosystem Catalog

Type/Severity

Security Advisory: Moderate

Topic

Updated rhceph-7.1 container image is now available in the Red Hat Ecosystem Catalog.

Description

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

This new container image is based on Red Hat Ceph Storage 7.1 and Red Hat Enterprise Linux 8.10, 9.4, 9.5.

Security Fix(es):

  • net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

All users of Red Hat Ceph Storage are advised to pull new images from the Red Hat Ecosystem catalog, which provides security fixes.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2789521

For supported configurations, refer to:

https://access.redhat.com/articles/1548993

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le

Fixes

  • BZ - 2358493 - CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http

ppc64le

rhceph/grafana-rhel9@sha256:7c893a65867115da701a9222dea3d31e4f3809b857781c076a9764facbc9a113
rhceph/grafana-rhel10@sha256:7c893a65867115da701a9222dea3d31e4f3809b857781c076a9764facbc9a113
rhceph/keepalived-rhel9@sha256:ab291dfd59526f18a092dcfccdf1843c06b615696087230c943d8a520cfc2619
rhceph/rhceph-7-rhel9@sha256:5cdec6a42b16104b2b12c2fa61cedb10610a9021cad17b9cb8ef02eab0f33704
rhceph/rhceph-haproxy-rhel9@sha256:60d9c1f40ff65ac978b5efbc183665bc153fa915b8170ba430a3c42a7a2d60b1
rhceph/rhceph-promtail-rhel9@sha256:b793bbf412e03da3c49a0fcf3b7c501507fdae02fefd330336e2642b75fca1b9
rhceph/snmp-notifier-rhel9@sha256:6fba423acaabbb10c382cd7231f8514bc4bcd191595016d117b0baa76b9af2e0

s390x

rhceph/grafana-rhel9@sha256:a3f03f8f96603d8e493294f1bfcdc45fbbdfb3c860b0928e1b606246ed98bc93
rhceph/grafana-rhel10@sha256:a3f03f8f96603d8e493294f1bfcdc45fbbdfb3c860b0928e1b606246ed98bc93
rhceph/keepalived-rhel9@sha256:e007308a4a8395f737faba5305622cde74a3bd16bb9ef6a09b264515ee69c305
rhceph/rhceph-7-rhel9@sha256:01009b9ff1add5a401ea0d6105c0024b1a4d593bcd78d6109c46433216414cb1
rhceph/rhceph-haproxy-rhel9@sha256:abd13a21e4225e6b85254e14c23e76bcbc21a769de12415d712d960fc2a8d37b
rhceph/rhceph-promtail-rhel9@sha256:d9bce6d4815dccd1c34920966f026db99ee62768050e7c8099ec10eacb806632
rhceph/snmp-notifier-rhel9@sha256:b00b130883fd4910243c23a7bfe5fb3f46a29af535b97a1e31dafeda2e7bca88

x86_64

rhceph/grafana-rhel9@sha256:f986faff3d696b907ec531e216b162e7259c1f9c9a2e34186a3ea562ccc28a94
rhceph/grafana-rhel10@sha256:f986faff3d696b907ec531e216b162e7259c1f9c9a2e34186a3ea562ccc28a94
rhceph/keepalived-rhel9@sha256:a5bfbfa51b658f05e549dc2d128a5e9ba90e3cac10ef4f7b1507e73f1ce3a9cd
rhceph/rhceph-7-rhel9@sha256:0728ea0f73187d09257cd757de426dcb0f653d045fc17ef84590c32c524b312c
rhceph/rhceph-haproxy-rhel9@sha256:cff029244cda2e30f5940f05ca2335bdbf01e64f11b0d1b8f8dcf032ded3225f
rhceph/rhceph-promtail-rhel9@sha256:463185023a91bef87f63c81d172614b408de4c6f310cb468b8993fe83b591029
rhceph/snmp-notifier-rhel9@sha256:b74eb62ccffed853f34d6968bfdd3413dd7287725a324f81f1196a1cb16c34f4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.