{
  "threat_severity" : "Important",
  "public_date" : "2026-04-28T09:11:44Z",
  "bugzilla" : {
    "description" : "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests",
    "id" : "2463410",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-763",
  "details" : [ "Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.\nThis issue affects Apache Thrift: before 0.23.0.\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.\nDescription: Specially crafted requests can crash a c_glib-based Thrift server with a clean but fatal \"free(): invalid pointer\" error message.", "A flaw was found in Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, leading to a mismatched memory management routines vulnerability. This could cause the server to crash with a \"free(): invalid pointer\" error, resulting in a Denial of Service (DoS)." ],
  "affected_release" : [ {
    "product_name" : "Cryostat 4 on RHEL 9",
    "release_date" : "2026-06-22T00:00:00Z",
    "advisory" : "RHSA-2026:28010",
    "cpe" : "cpe:/a:redhat:cryostat:4::el9",
    "package" : "cryostat/cryostat-storage-rhel9:4.2.0-16"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.15",
    "release_date" : "2026-06-08T00:00:00Z",
    "advisory" : "RHSA-2026:24539",
    "cpe" : "cpe:/a:redhat:acm:2.15::el9",
    "package" : "rhacm2/acm-grafana-rhel9:1780677003"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.16",
    "release_date" : "2026-06-11T00:00:00Z",
    "advisory" : "RHSA-2026:25273",
    "cpe" : "cpe:/a:redhat:acm:2.16::el9",
    "package" : "rhacm2/acm-grafana-rhel9:1780926805"
  }, {
    "product_name" : "Red Hat OpenShift distributed tracing 3.10.0",
    "release_date" : "2026-06-18T00:00:00Z",
    "advisory" : "RHSA-2026:27126",
    "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3.10::el9",
    "package" : "rhosdt/tempo-rhel9:1781589494"
  } ],
  "package_state" : [ {
    "product_name" : "Multicluster Global Hub",
    "fix_state" : "Not affected",
    "package_name" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9",
    "cpe" : "cpe:/a:redhat:multicluster_globalhub"
  }, {
    "product_name" : "OpenShift Service Mesh 2",
    "fix_state" : "Not affected",
    "package_name" : "openshift-service-mesh/istio-rhel8-operator",
    "cpe" : "cpe:/a:redhat:service_mesh:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Will not fix",
    "package_name" : "redhat-user-workloads/grafana-acm-212",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Affected",
    "package_name" : "redhat-user-workloads/grafana-acm-213",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat AI Inference Server",
    "fix_state" : "Will not fix",
    "package_name" : "rhaiis/vllm-cpu-rhel9",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3"
  }, {
    "product_name" : "Red Hat AI Inference Server",
    "fix_state" : "Will not fix",
    "package_name" : "rhaiis/vllm-tpu-rhel9",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3"
  }, {
    "product_name" : "Red Hat Ceph Storage 5",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/snmp-notifier-rhel8",
    "cpe" : "cpe:/a:redhat:ceph_storage:5"
  }, {
    "product_name" : "Red Hat Ceph Storage 6",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/rhceph-6-dashboard-rhel9",
    "cpe" : "cpe:/a:redhat:ceph_storage:6"
  }, {
    "product_name" : "Red Hat Ceph Storage 6",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/snmp-notifier-rhel9",
    "cpe" : "cpe:/a:redhat:ceph_storage:6"
  }, {
    "product_name" : "Red Hat Ceph Storage 8",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/grafana-rhel9",
    "cpe" : "cpe:/a:redhat:ceph_storage:8"
  }, {
    "product_name" : "Red Hat Ceph Storage 8",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/snmp-notifier-rhel9",
    "cpe" : "cpe:/a:redhat:ceph_storage:8"
  }, {
    "product_name" : "Red Hat Ceph Storage 9",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/alloy-rhel10",
    "cpe" : "cpe:/a:redhat:ceph_storage:9"
  }, {
    "product_name" : "Red Hat Ceph Storage 9",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/grafana-rhel10",
    "cpe" : "cpe:/a:redhat:ceph_storage:9"
  }, {
    "product_name" : "Red Hat Ceph Storage 9",
    "fix_state" : "Out of support scope",
    "package_name" : "rhceph/snmp-notifier-rhel10",
    "cpe" : "cpe:/a:redhat:ceph_storage:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "grafana",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-model-registry-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "openshift4/cnf-tests-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/oc-mirror-plugin-rhel9",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "openshift4/ztp-site-generate-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "redhat-user-workloads/cnf-tests-4-15",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "redhat-user-workloads/ztp-site-generate-4-15",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "redhat-user-workloads/ztp-site-generate-4-16",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift distributed tracing 3",
    "fix_state" : "Affected",
    "package_name" : "rhosdt/opentelemetry-collector-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3"
  }, {
    "product_name" : "Red Hat OpenShift distributed tracing 3",
    "fix_state" : "Affected",
    "package_name" : "rhosdt/tempo-jaeger-query-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3"
  }, {
    "product_name" : "Red Hat OpenShift distributed tracing 3",
    "fix_state" : "Affected",
    "package_name" : "rhosdt/tempo-query-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3"
  }, {
    "product_name" : "Red Hat OpenStack Platform 18.0",
    "fix_state" : "Not affected",
    "package_name" : "rhoso-operators/openstack-operator-bundle",
    "cpe" : "cpe:/a:redhat:openstack:18.0"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-48431\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-48431\nhttp://www.openwall.com/lists/oss-security/2026/04/28/8\nhttps://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql" ],
  "name" : "CVE-2025-48431",
  "csaw" : false
}