Description:

Red Hat has released a security update to address a vulnerabilities in the following products:

• dotNET on RHEL (for RHEL Server) 1 x86_64
• dotNET on RHEL (for RHEL Workstation) 1 x86_64
• dotNET on RHEL (for RHEL Compute Node) 1 x86_64
• Red Hat OpenShift Service Mesh 2.0 for RHEL 8 x86_64
• Red Hat OpenShift Service Mesh for Power 2.0 for RHEL 8 ppc64le
• Red Hat OpenShift Service Mesh for IBM Z 2.0 for RHEL 8 s390x
• Red Hat OpenShift Service Mesh 1.1 for RHEL 8 x86_64
• Red Hat OpenShift Service Mesh for Power 1.1 for RHEL 8 ppc64le
• Red Hat OpenShift Service Mesh for IBM Z 1.1 for RHEL 8 s390x
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
• Red Hat Enterprise Linux Server - AUS 7.7 x86_64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
• Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
• Red Hat Enterprise Linux Server - TUS 7.7 x86_64
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le

Attacker could exploit these vulnerabilities by doing the following:

• Bypass of a protection mechanism
• Escalation of privilege

Best practice and Recommendations:

The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:

• https://access.redhat.com/errata/RHSA-2021:1547
• https://access.redhat.com/errata/RHSA-2021:1546
• https://access.redhat.com/errata/RHSA-2021:1544
• https://access.redhat.com/errata/RHSA-2021:1540
• https://access.redhat.com/errata/RHSA-2021:1538
• https://access.redhat.com/errata/RHSA-2021:1531