Red Hat Product Errata RHSA-2025:13775 - Security Advisory
Issued:
2025-08-12
Updated:
2025-08-12

RHSA-2025:13775 - Security Advisory

Synopsis

Moderate: mod_security security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mod_security is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

ModSecurity is an open source intrusion detection and prevention engine for web applications.

Security Fix(es):

  • mod_security: ModSecurity Denial of Service Vulnerability (CVE-2025-48866)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2369827 - CVE-2025-48866 mod_security: ModSecurity Denial of Service Vulnerability

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
mod_security-2.9.6-1.el9_2.2.src.rpm SHA-256: 4b5f2a39b1fbbe57bba705057850853a67e1509b7c4d7535633fd7f156194b6a
x86_64
mod_security-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: cff46d4d0f665ae5faf17d54b0b102268792dfdd5afd26d89c31e1b49903c449
mod_security-debuginfo-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: cfc1050d2c4246561d5baf1c3bc107c5345e25e2b6836c49cb3699adf7b7dbc3
mod_security-debugsource-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 50fe50a509f21a00b7197ca6f46c24f998e5a80935f8bbc00b4388ec03c08e07
mod_security-mlogc-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 95d5cd15bb674f66e99b5b9fe28c6aea8ea62cfa7332a58d4014a0ed3fb9c223
mod_security-mlogc-debuginfo-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 19aca36decfa2c503f7aebdb67944fc05ce3d4fe02dcd5b2d6b9a4f14701071a

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
mod_security-2.9.6-1.el9_2.2.src.rpm SHA-256: 4b5f2a39b1fbbe57bba705057850853a67e1509b7c4d7535633fd7f156194b6a
ppc64le
mod_security-2.9.6-1.el9_2.2.ppc64le.rpm SHA-256: 1160a3a91a8a63faa289a7c14d0be9ae05d729a9fd85de2fae1c6795d82aa892
mod_security-debuginfo-2.9.6-1.el9_2.2.ppc64le.rpm SHA-256: 07113c9bb0aad54a4c05b9b100dcf994e81876354bb6995eadc3d8ea983ce77b
mod_security-debugsource-2.9.6-1.el9_2.2.ppc64le.rpm SHA-256: f3e4e55806da77f9fecbfa25bcb68e3d8bfd5fb498e48ccdb76e3ba6729b8a6b
mod_security-mlogc-2.9.6-1.el9_2.2.ppc64le.rpm SHA-256: c5ca76a02a44266a7074e75ae53bb4deae578debc526c4baafbd214703516fda
mod_security-mlogc-debuginfo-2.9.6-1.el9_2.2.ppc64le.rpm SHA-256: 5215578c0d26dd6348a199dd5e342a3b6f6504e8a37e9c7c63e2381708dd4008

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
mod_security-2.9.6-1.el9_2.2.src.rpm SHA-256: 4b5f2a39b1fbbe57bba705057850853a67e1509b7c4d7535633fd7f156194b6a
x86_64
mod_security-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: cff46d4d0f665ae5faf17d54b0b102268792dfdd5afd26d89c31e1b49903c449
mod_security-debuginfo-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: cfc1050d2c4246561d5baf1c3bc107c5345e25e2b6836c49cb3699adf7b7dbc3
mod_security-debugsource-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 50fe50a509f21a00b7197ca6f46c24f998e5a80935f8bbc00b4388ec03c08e07
mod_security-mlogc-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 95d5cd15bb674f66e99b5b9fe28c6aea8ea62cfa7332a58d4014a0ed3fb9c223
mod_security-mlogc-debuginfo-2.9.6-1.el9_2.2.x86_64.rpm SHA-256: 19aca36decfa2c503f7aebdb67944fc05ce3d4fe02dcd5b2d6b9a4f14701071a

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
mod_security-2.9.6-1.el9_2.2.src.rpm SHA-256: 4b5f2a39b1fbbe57bba705057850853a67e1509b7c4d7535633fd7f156194b6a
aarch64
mod_security-2.9.6-1.el9_2.2.aarch64.rpm SHA-256: 843c78334cb67ef550239dd3d8e2fc324110339745112ace2bb2b63225f523d2
mod_security-debuginfo-2.9.6-1.el9_2.2.aarch64.rpm SHA-256: 00d6a451ecda01c6acfa98d65cbb62bfe8c46fef9456bb8e7a8840e7deaff682
mod_security-debugsource-2.9.6-1.el9_2.2.aarch64.rpm SHA-256: 8afb21637b72d778c431ea8c131c5e7d40a9843c0a9597b04b1da32f3a5536ac
mod_security-mlogc-2.9.6-1.el9_2.2.aarch64.rpm SHA-256: 74d7b1de7656778f35e1b691d5100516ff7f8670349463f6c9e187602f89e2f2
mod_security-mlogc-debuginfo-2.9.6-1.el9_2.2.aarch64.rpm SHA-256: e39ae9eb0e50fc349e4397618ad043afc9cd4e30930aea135e4ea3026f42bd27

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
mod_security-2.9.6-1.el9_2.2.src.rpm SHA-256: 4b5f2a39b1fbbe57bba705057850853a67e1509b7c4d7535633fd7f156194b6a
s390x
mod_security-2.9.6-1.el9_2.2.s390x.rpm SHA-256: 63efd8fc84afeeebbc35390f56fad1e89df890d66e8efa0f18633c6f6e3ab226
mod_security-debuginfo-2.9.6-1.el9_2.2.s390x.rpm SHA-256: f470be52c77a6237ad28a36a2465f8aab86ea34098bbc4564296cd6c78b24b2e
mod_security-debugsource-2.9.6-1.el9_2.2.s390x.rpm SHA-256: 29cf5c1e1e378e2bb25d5e6aa2c8bc697fca54c7c34e6f15770d67d498acd407
mod_security-mlogc-2.9.6-1.el9_2.2.s390x.rpm SHA-256: 5e1b70a381ba02f597840267445f9df78de3e3a96dc998a3b66f394c788c6cc3
mod_security-mlogc-debuginfo-2.9.6-1.el9_2.2.s390x.rpm SHA-256: 5594976cd869e5da385867a23ae81f19013125c3b1a54dc578152f26d1b3d969

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.