Red Hat MicroShift 4.17.49 Security Update Allows Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

Red Hat MicroShift 4.17.49 Security Update Allows Unauthorized Access

RHSA-2026:2746

Summary

A security update for Red Hat MicroShift 4.17.49 addresses a vulnerability that could potentially allow an attacker to access the system without proper authorization. This could happen if an attacker exploits a weakness in the way MicroShift handles certain requests. To protect your system, update to the latest version of Red Hat MicroShift as soon as possible.

What to do

Update redhat microshift to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-greenboot to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-low-latency to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-multus to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-multus-release-info to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-networking to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-olm to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-olm-release-info to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-release-info to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.
Update redhat microshift-selinux to version 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9.

Affected software

Vendor	Product	Affected versions	Fix available
redhat	microshift	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-greenboot	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-low-latency	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-multus	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-multus-release-info	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-networking	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-olm	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-olm-release-info	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-release-info	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
redhat	microshift-selinux	<= 0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9	0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9

Original title

Red Hat Security Advisory: Red Hat build of MicroShift 4.17.49 security update

osv CVSS3.1 7.5

https://access.redhat.com/errata/RHSA-2026:2746 Vendor Advisory
https://access.redhat.com/security/updates/classification/#moderate Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2418900 Third Party Advisory
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2746.j... Vendor Advisory
https://access.redhat.com/security/cve/CVE-2025-65637 Third Party Advisory
https://www.cve.org/CVERecord?id=CVE-2025-65637 Vendor Advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-65637 Vendor Advisory
https://github.com/mjuanxd/logrus-dos-poc Third Party Advisory
https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md Third Party Advisory
https://github.com/sirupsen/logrus/issues/1370 Third Party Advisory
https://github.com/sirupsen/logrus/pull/1376 Third Party Advisory
https://github.com/sirupsen/logrus/releases/tag/v1.8.3 Third Party Advisory
https://github.com/sirupsen/logrus/releases/tag/v1.9.1 Third Party Advisory
https://github.com/sirupsen/logrus/releases/tag/v1.9.3 Third Party Advisory
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391 Third Party Advisory

Published: 23 Feb 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026