Description:

Red Hat has released security updates to address several vulnerabilities in the following products:

• Red Hat Virtualization 4 for RHEL 8 x86_64
• Red Hat Virtualization Host 4 for RHEL 8 x86_64
• rh-mariadb102-mariadb and rh-mariadb102-galera
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 6 x86_64
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.6 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.6 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.6 ppc64le
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
  • Red Hat Software Collections (for RHEL Server for ARM) 1 aarch64
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
• qemu-kvm-rhev
  • Red Hat OpenStack 13 x86_64
  • Red Hat OpenStack for IBM Power 13 ppc64le

Threats:

Attacker could exploit these vulnerabilities by executing arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

• https://access.redhat.com/errata/RHSA-2020:4167
• https://access.redhat.com/errata/RHSA-2020:4172
• https://access.redhat.com/errata/RHSA-2020:4173
• https://access.redhat.com/errata/RHSA-2020:4174