Description:

Red Hat has released security updates to address several vulnerabilities in the following products:

• Logging Subsystem for Red Hat OpenShift 5 x86_64
• Logging Subsystem for Red Hat OpenShift for IBM Power, little endian 5 ppc64le
• Logging Subsystem for Red Hat OpenShift for IBM Z and LinuxONE 5 s390x
• Logging Subsystem for Red Hat OpenShift for ARM 64 5 aarch64
• Red Hat Satellite 6.9 x86_64
• Red Hat Satellite Capsule 6.9 x86_64
• Red Hat JBoss Core Services Text-Only Advisories x86_64
• Red Hat JBoss Core Services 1 for RHEL 8 x86_64
• Red Hat JBoss Core Services 1 for RHEL 7 x86_64
• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
• Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
• Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x

Threats:

An attacker could exploit these vulnerabilities by doing the following:

• Denial of service attack (DoS)
• Buffer overflow

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

• https://access.redhat.com/errata/RHSA-2022:1461
• https://access.redhat.com/errata/RHSA-2022:1478
• https://access.redhat.com/errata/RHSA-2022:1390
• https://access.redhat.com/errata/RHSA-2022:1389
• https://access.redhat.com/errata/RHSA-2022:1442
• https://access.redhat.com/errata/RHSA-2022:1444
• https://access.redhat.com/errata/RHSA-2022:1445
• https://access.redhat.com/errata/RHSA-2022:1440
• https://access.redhat.com/errata/RHSA-2022:1443
• https://access.redhat.com/errata/RHSA-2022:1441
• https://access.redhat.com/errata/RHSA-2022:1336