Red Hat Updates
Warning Date: 24 November, 2021
Severity Level: High
Warning Number: 2021-3930
Target Sector: All
Description:
Red Hat has released security updates to address several vulnerabilities in the following products:
- OpenShift Serverless Client kn 1.19.0
- Red Hat OpenShift Serverless for IBM Z and LinuxONE
- Red Hat OpenShift Serverless
- OpenShift Serverless 1.19.0
- Red Hat OpenShift Serverless
- Red Hat Integration Camel Extensions for Quarkus GA
- Red Hat Integration
- kernel
- Red Hat Enterprise Linux Server - AUS
- Red Hat Enterprise Linux Workstation
- kpatch-patch
- Red Hat Enterprise Linux Server - TUS
- kernel-rt
- Red Hat Enterprise Linux for Real Time
- kpatch-patch
- Red Hat Enterprise Linux Server
- Red Hat Enterprise Linux for Power, little endian
- mailman:2.1
- Red Hat Enterprise Linux for x86_64
- Red Hat Enterprise Linux for IBM z Systems
Threats:
An attacker could exploit these vulnerabilities to carry out the following:
- Cross-site request forgery (CSRF)
- Denial of service attack (DoS)
- Escalation of privilege
- Sensitive information disclosure
Best practice and Recommendations:
The CERT team encourages users to review the Red Hat security advisories and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2021:4765
- https://access.redhat.com/errata/RHSA-2021:4766
- https://access.redhat.com/errata/RHSA-2021:4767
- https://access.redhat.com/errata/RHSA-2021:4768
- https://access.redhat.com/errata/RHSA-2021:4773
- https://access.redhat.com/errata/RHSA-2021:4774
- https://access.redhat.com/errata/RHSA-2021:4777
- https://access.redhat.com/errata/RHSA-2021:4779
- https://access.redhat.com/errata/RHSA-2021:4798
- https://access.redhat.com/errata/RHSA-2021:4826