Your review has been sent successfully

Red Hat Alert

2766
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

9 February, 2023

● Critical

2023-5448

All

Description:

Red Hat has released security alerts to address several vulnerabilities in the following product:

  • Red Hat Enterprise Linux Desktop
  • Red Hat Enterprise Linux for ARM 64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support
  • Red Hat Enterprise Linux for IBM z Systems
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support
  • Red Hat Enterprise Linux for Power, big endian
  • Red Hat Enterprise Linux for Power, little endian
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support
  • Red Hat Enterprise Linux for Scientific Computing
  • Red Hat Enterprise Linux for x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions
  • Red Hat Enterprise Linux Server
  • Red Hat Enterprise Linux Server - AUS
  • Red Hat Enterprise Linux Server - TUS
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions
  • Red Hat Enterprise Linux Workstation
  • Red Hat Fuse
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Container Platform for ARM 64
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE
  • Red Hat OpenShift Container Platform for Power
  • Red Hat Software Collections (for RHEL Server for IBM Power LE)
  • Red Hat Software Collections (for RHEL Server for System Z)
  • Red Hat Software Collections (for RHEL Server)
  • Red Hat Software Collections (for RHEL Workstation)
Threats:

An attacker could exploit these vulnerabilities by doing the following:

  • Privilege Elevation
  • Insufficient Entropy
  • Sandbox Bypass
  • Denial of Service Attack
  • Improper Authorization
  • CSRF Protection Bypass
  • Java Unsafe Deserialization
  • Stored XSS
  • Cross-site Request Forgery (CSRF)
  • Sensitive Information Disclosure
  • Lack of authentication mechanism in Git Plugin
  • Server-Side Request Forgery (SSRF)
  • use-after-free Leads to privilege elevation
  • Session Fixation
  • Use of Weak Hash
Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and update the affected product:

Last updated at 9 February, 2023

Rate the content

rate-icon
up icon