Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Red Hat Updates

90

Warning Date: 13 January, 2021

Severity Level ● High

Warning Number: 2021-2318

Target Sector: All

Description:

Red Hat has released security updates to address multiple vulnerabilities in the following products:

  • Red Hat build of Quarkus 1.7.6
    • Red Hat Build of Quarkus Text-Only Advisories x86_64
  • Red Hat Ceph Storage 4.2
    • Red Hat Enterprise Linux Server 7 x86_64
    • Red Hat Ceph Storage MON 4 for RHEL 8 x86_64
    • Red Hat Ceph Storage MON 4 for RHEL 7 x86_64
    • Red Hat Ceph Storage OSD 4 for RHEL 8 x86_64
    • Red Hat Ceph Storage OSD 4 for RHEL 7 x86_64
    • Red Hat Enterprise Linux for x86_64 8 x86_64
    • Red Hat Ceph Storage for Power 4 for RHEL 8 ppc64le
    • Red Hat Ceph Storage for Power 4 for RHEL 7 ppc64le
    • Red Hat Ceph Storage MON for Power 4 for RHEL 8 ppc64le
    • Red Hat Ceph Storage MON for Power 4 for RHEL 7 ppc64le
    • Red Hat Ceph Storage OSD for Power 4 for RHEL 8 ppc64le
    • Red Hat Ceph Storage OSD for Power 4 for RHEL 7 ppc64le
    • Red Hat Ceph Storage for IBM z Systems 4 s390x
    • Red Hat Ceph Storage MON for IBM z Systems 4 s390x
    • Red Hat Ceph Storage OSD for IBM z Systems 4 s390x
  • kernel
    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
    • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of service (DoS)
  • Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

Last updated at 13 January, 2021