Description:

Red Hat has released security updates to address vulnerabilities in the following products:

• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le.
• Red Hat Enterprise Linux Workstation 7 x86_64.
• Red Hat Enterprise Linux Desktop 7 x86_64.
• Red Hat Enterprise Linux for IBM z Systems 7 s390x, 8 s390x.
• Red Hat Enterprise Linux for Power, big endian 7 ppc64, Extended Update Support 7.7 ppc64.
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64.
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le, 8 ppc64le, Extended Update Support 7.7 ppc64le.
• Red Hat Enterprise Linux for IBM z Systems 7 s390x, Extended Update Support 7.7 s390x.
• Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64.
• Red Hat Enterprise Linux for x86_64 8 x86_64.
• Red Hat Enterprise Linux for ARM 64 8 aarch64.
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64.
• Red Hat Enterprise Linux Server 7 x86_64, Extended Update Support 7.7 x86_64, AUS 7.7 x86_64, TUS 7.7 x86_, (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le, Update Services for SAP Solutions 7.7 x86_64.

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Denial of service attack (DoS).
• Escalation of privilege.
• Unauthorized disclosure of information.
• Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates: https://access.redhat.com/security/security-updates/#/