Your review has been sent successfully

Red Hat Alert

175
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

19 May, 2022

● High

2022-4857

All

Description:

Red Hat has released security updates to address several vulnerabilities in the following products,mainly:

  • container-tools:2.0
    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • kpatch-patch
    • Red Hat Enterprise Linux Server 7 x86_64
    • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • pcs
    • Red Hat Enterprise Linux High Availability for x86_64 8 x86_64
    • Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 8.6 x86_64
    • Red Hat Enterprise Linux Resilient Storage for x86_64 8 x86_64
    • Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 8.6 x86_64
    • Red Hat Enterprise Linux Resilient Storage for IBM z Systems 8 s390x
    • Red Hat Enterprise Linux High Availability for IBM z Systems 8 s390x
    • Red Hat Enterprise Linux Resilient Storage for Power, little endian 8 ppc64le
    • Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 8.6 ppc64le
    • Red Hat Enterprise Linux High Availability for Power, little endian 8 ppc64le
    • Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 8.6 ppc64le
    • Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 8.6 ppc64le
    • Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 8.6 x86_64
    • Red Hat Enterprise Linux High Availability for ARM 64 8 aarch64
    • Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 8.6 s390x
    • Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 8.6 aarch64
    • Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Update Support 8.6 s390x
    • Red Hat Enterprise Linux High Availability for x86_64 - Telecommunications Update Service 8.6 x86_64
  • Red Hat OpenShift GitOps
    • Red Hat OpenShift GitOps 1.3 x86_64
    • Red Hat OpenShift GitOps 1.5 x86_64
    • Red Hat OpenShift GitOps 1.4 x86_64
  • OpenShift Container Platform 4.9.33
    • Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
    • Red Hat OpenShift Container Platform 4.9 for RHEL 7 x86_64
    • Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
    • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x
    • Red Hat OpenShift Container Platform for ARM 64 4.9 aarch

Threats:

An attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting (XSS)
  • Escalation of privilege

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

Last updated at 19 May, 2022

Rate the content

rate-icon
up icon