Description:

Red Hat has released security updates to address vulnerabilities in the following products:

• Red Hat Enterprise Linux Server 7 x86_64, AUS 7.7 x86_64, TUS 7.7 x86_64, Extended Update Support 7.5 x86_64, Update Services for SAP Solutions 7.7 x86_64.
• Red Hat Enterprise Linux for IBM z Systems 7 s390x, 8 s390x, Extended Update Support 7.5 s390x, Extended Update Support 7.7 s390x.
• Red Hat Enterprise Linux for Power, big endian 7 ppc64, Extended Update Support 7.5 ppc64, Extended Update Support 7.7 ppc64.
• Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64.
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le, 8 ppc64le , Extended Update Support 7.5 ppc64le, Extended Update Support 7.7 ppc64le.
• Red Hat Enterprise Linux Desktop 7 x86_64.
• Red Hat Enterprise Linux Workstation 7 x86_64.
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64.
• Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64.
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le.
• Red Hat Ceph Storage 3 x86_64, MON 3 x86_64, OSD 3 x86_64, for Power 3 ppc64le, MON for Power 3 ppc64le, OSD for Power 3 ppc64le.
• Red Hat OpenShift Container Platform 4.1 for RHEL 7 x86_64.
• Red Hat Enterprise Linux for x86_64 8 x86_64.
• Red Hat Enterprise Linux for ARM 64 8 aarch64.

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Unauthorized disclosure of information.
• Unauthorized modification.
• Disruption of service.
• Buffer overflow.
• Denial of service attack (DoS) – remotely.

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

https://access.redhat.com/security/security-updates/#/