Red Hat Product Errata RHSA-2025:8605 - Security Advisory
Issued:
2025-06-05
Updated:
2025-06-05

RHSA-2025:8605 - Security Advisory

Synopsis

Important: mod_security security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mod_security is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

ModSecurity is an open source intrusion detection and prevention engine for web applications.

Security Fix(es):

  • modsecurity: ModSecurity Has Possible DoS Vulnerability (CVE-2025-47947)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2367903 - CVE-2025-47947 modsecurity: ModSecurity Has Possible DoS Vulnerability

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
mod_security-2.9.2-9.el8_6.1.src.rpm SHA-256: 5526583a06d3c5dc4bf88f327bb81dec0c22ce8c99be6ea02e9fc54d0bc5aa83
x86_64
mod_security-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 74f2cce099d4c6cf36e328a26d269e93805f4c4d772eacc4277f8229c2f611e4
mod_security-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 866923af604cb1c7e0b72cb1f65a43442d82422132f908212d97f4898bf2b89d
mod_security-debugsource-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 3857d661bf97c2173884200495f0b382bed9a1f93ec997aeea7cc30ff55ae479
mod_security-mlogc-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2d0670fe4f3965287a81a8a23ea286aa5f375e7c5530596608a79edc28b6eb9b
mod_security-mlogc-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2851636ddacc1bb03a270261eda36671bd432acc08ae119bcba21e4b2ba99408

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
mod_security-2.9.2-9.el8_6.1.src.rpm SHA-256: 5526583a06d3c5dc4bf88f327bb81dec0c22ce8c99be6ea02e9fc54d0bc5aa83
x86_64
mod_security-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 74f2cce099d4c6cf36e328a26d269e93805f4c4d772eacc4277f8229c2f611e4
mod_security-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 866923af604cb1c7e0b72cb1f65a43442d82422132f908212d97f4898bf2b89d
mod_security-debugsource-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 3857d661bf97c2173884200495f0b382bed9a1f93ec997aeea7cc30ff55ae479
mod_security-mlogc-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2d0670fe4f3965287a81a8a23ea286aa5f375e7c5530596608a79edc28b6eb9b
mod_security-mlogc-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2851636ddacc1bb03a270261eda36671bd432acc08ae119bcba21e4b2ba99408

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
mod_security-2.9.2-9.el8_6.1.src.rpm SHA-256: 5526583a06d3c5dc4bf88f327bb81dec0c22ce8c99be6ea02e9fc54d0bc5aa83
x86_64
mod_security-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 74f2cce099d4c6cf36e328a26d269e93805f4c4d772eacc4277f8229c2f611e4
mod_security-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 866923af604cb1c7e0b72cb1f65a43442d82422132f908212d97f4898bf2b89d
mod_security-debugsource-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 3857d661bf97c2173884200495f0b382bed9a1f93ec997aeea7cc30ff55ae479
mod_security-mlogc-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2d0670fe4f3965287a81a8a23ea286aa5f375e7c5530596608a79edc28b6eb9b
mod_security-mlogc-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2851636ddacc1bb03a270261eda36671bd432acc08ae119bcba21e4b2ba99408

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
mod_security-2.9.2-9.el8_6.1.src.rpm SHA-256: 5526583a06d3c5dc4bf88f327bb81dec0c22ce8c99be6ea02e9fc54d0bc5aa83
ppc64le
mod_security-2.9.2-9.el8_6.1.ppc64le.rpm SHA-256: 1aba828f3a87fc6dd65b718a9714047e6fd826cdfebfc9165dcfde762b878c61
mod_security-debuginfo-2.9.2-9.el8_6.1.ppc64le.rpm SHA-256: b3ee060bc01b530c1dd35bedbd07d58f8fc39a73f116e472292b759ce5757abe
mod_security-debugsource-2.9.2-9.el8_6.1.ppc64le.rpm SHA-256: c7e19a5cfba6e8e6b5b385c0d7eff1c6cc0344a6127e0cf76e31bc27d1baae28
mod_security-mlogc-2.9.2-9.el8_6.1.ppc64le.rpm SHA-256: 41e2b973418de6ade50c1afadb7b914b2aeb53587b60a71630f519e5d78c45b5
mod_security-mlogc-debuginfo-2.9.2-9.el8_6.1.ppc64le.rpm SHA-256: 0fc93a502c6a2e1931002208d19e29f41047c18db7297a73ac01ac7481e6d123

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
mod_security-2.9.2-9.el8_6.1.src.rpm SHA-256: 5526583a06d3c5dc4bf88f327bb81dec0c22ce8c99be6ea02e9fc54d0bc5aa83
x86_64
mod_security-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 74f2cce099d4c6cf36e328a26d269e93805f4c4d772eacc4277f8229c2f611e4
mod_security-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 866923af604cb1c7e0b72cb1f65a43442d82422132f908212d97f4898bf2b89d
mod_security-debugsource-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 3857d661bf97c2173884200495f0b382bed9a1f93ec997aeea7cc30ff55ae479
mod_security-mlogc-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2d0670fe4f3965287a81a8a23ea286aa5f375e7c5530596608a79edc28b6eb9b
mod_security-mlogc-debuginfo-2.9.2-9.el8_6.1.x86_64.rpm SHA-256: 2851636ddacc1bb03a270261eda36671bd432acc08ae119bcba21e4b2ba99408

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.