Issued:: 2025-06-09
Updated:: 2025-06-09

RHSA-2025:8627 - Security Advisory

Overview
Updated Packages

Synopsis

Important: mod_security security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mod_security is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

ModSecurity is an open source intrusion detection and prevention engine for web applications.

Security Fix(es):

modsecurity: ModSecurity Has Possible DoS Vulnerability (CVE-2025-47947)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Fixes

BZ - 2367903 - CVE-2025-47947 modsecurity: ModSecurity Has Possible DoS Vulnerability

CVEs

CVE-2025-47947

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
mod_security-2.9.2-9.el8_4.1.src.rpm	SHA-256: 2cad4918d78ae304921c86a44f0de3d3733a67f57621d8d601e4b706f308aac2
x86_64
mod_security-2.9.2-9.el8_4.1.x86_64.rpm	SHA-256: 180ef7d2ef19dcc228b1ac299cc8be25c6c9092ab90c0d0cddc7924211e2102d
mod_security-debuginfo-2.9.2-9.el8_4.1.x86_64.rpm	SHA-256: 568494c6c5434f8554837d24d9a403e8aba17b61a2cacc5aaa762b2c5c961895
mod_security-debugsource-2.9.2-9.el8_4.1.x86_64.rpm	SHA-256: 9b3750c793d9d2427a02a6747f2c85e3817cad0d5f4e13d5a98ca817fc4ffd48
mod_security-mlogc-2.9.2-9.el8_4.1.x86_64.rpm	SHA-256: 384c0961dbf772939303b3f1fa56ca315e8839cf7a4b8a5b1929b8fcd2da6424
mod_security-mlogc-debuginfo-2.9.2-9.el8_4.1.x86_64.rpm	SHA-256: cf1e95cc901680efdd7515205cbb3bba294342e30e917d2134f73b28368bf31a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation