Red Hat Updates
1849Warning Date
Severity Level
Warning Number
Target Sector
14 July, 2021
● Medium
2021-3178
All
Description:
Red Hat has released security updates to address several vulnerabilities in the following products:
- OpenShift Container Platform 4.6.38
- Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x
- OpenShift Serverless 1.16.0
- Red Hat Openshift Serverless 1 x86_64
- OpenShift Serverless Client kn 1.16.0
- Red Hat Openshift Serverless 1 x86_64
- Red Hat OpenShift Serverless for IBM Power, little endian 1 ppc64le
- Red Hat OpenShift Serverless for IBM Z and LinuxONE 1 s390x
- Red Hat JBoss Enterprise Application Platform 7.3.8
- JBoss Enterprise Application Platform Text-Only Advisories x86_64
- Red Hat JBoss Enterprise Application Platform 7.3.8 on RHEL 8
- JBoss Enterprise Application Platform 7.3 for RHEL 8 x86_64
- Red Hat JBoss Enterprise Application Platform 7.3.8 on RHEL 7
- JBoss Enterprise Application Platform 7.3 for RHEL 7 x86_64
- Red Hat JBoss Enterprise Application Platform 7.3.8 on RHEL 6
- JBoss Enterprise Application Platform 7.3 for RHEL 6 x86_64
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Remote command execution
- Memory corruption
- Cross-site scripting (XSS)
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2021:2643
- https://access.redhat.com/errata/RHSA-2021:2705
- https://access.redhat.com/errata/RHSA-2021:2704
- https://access.redhat.com/errata/RHSA-2021:2696
- https://access.redhat.com/errata/RHSA-2021:2694
- https://access.redhat.com/errata/RHSA-2021:2693
- https://access.redhat.com/errata/RHSA-2021:2692