الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تنبيه Red Hat
2474
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
27 فبراير, 2022
● عالي
2022-4437
الكل
أصدرت Red Hat عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:
- python-pillow
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
- cyrus-sasl
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
- OpenShift Container Platform 3.11.634
- Red Hat OpenShift Container Platform 3.11 x86_64
- Red Hat OpenShift Container Platform for Power 3.11 ppc64le
- ruby:2.5
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- OpenShift Container Platform 4.6.55
- Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
- Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x
- Red Hat OpenShift GitOps
- Red Hat OpenShift GitOps 1.3 x86_64
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة تجاوز المسار (Path traversal)
- حقن برمجيات SQL خبيثة
- تنفيذ برمجيات خبيثة
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت Red Hat توضيحًا لهذه التحديثات:
- https://access.redhat.com/errata/RHSA-2022:0665
- https://access.redhat.com/errata/RHSA-2022:0666
- https://access.redhat.com/errata/RHSA-2022:0667
- https://access.redhat.com/errata/RHSA-2022:0668
- https://access.redhat.com/errata/RHSA-2022:0669
- https://access.redhat.com/errata/RHSA-2022:0555
- https://access.redhat.com/errata/RHSA-2022:0672
- https://access.redhat.com/errata/RHSA-2022:0565
- https://access.redhat.com/errata/RHSA-2022:0682
قيم المحتوى
شارك الصفحة
