Description:

Red Hat has released security updates to address multiple vulnerabilities in the following products:

• Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
• Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x
• Red Hat OpenShift Container Platform 4.4 for RHEL 7 x86_64
• Red Hat OpenShift Container Platform for Power 4.4 for RHEL 7 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.4 for RHEL 7 s390x
• bash
  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.4 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64
• kernel
  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.4 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64
• kernel-rt
  • MRG Realtime 2 x86_64

Threats:

Attacker could exploit these vulnerabilities by causing denial of service (DoS).

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

• https://access.redhat.com/errata/RHSA-2020:3780
• https://access.redhat.com/errata/RHSA-2020:3783
• https://access.redhat.com/errata/RHSA-2020:3803
• https://access.redhat.com/errata/RHSA-2020:3804
• https://access.redhat.com/errata/RHSA-2020:3810