Red Hat Updates
1761Warning Date
Severity Level
Warning Number
Target Sector
9 September, 2021
● High
2021-3487
All
Description:
Red Hat has released security updates to address several vulnerabilities in the following products:
- Red Hat Virtualization Host
- Red Hat Virtualization 4 for RHEL 8 x86_64
- Red Hat Virtualization Host 4 for RHEL 8 x86_64
- Red Hat Virtualization for IBM Power LE 4 for RHEL 8 ppc64le
- OpenShift Container Platform 4.7.29
- Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x
- Red Hat JBoss Enterprise Application Platform 7.3.9
- JBoss Enterprise Application Platform 7.3 for RHEL 6 x86_64
- JBoss Enterprise Application Platform 7.3 for RHEL 7 x86_64
- JBoss Enterprise Application Platform 7.3 for RHEL 8 x86_64
- JBoss Enterprise Application Platform Text-Only Advisories x86_64
- Red Hat Automation Platform 1.2.5
- Red Hat Ansible Automation Platform 1.2 x86_64
- Red Hat support for Spring Boot 2.3.10
- Red Hat Openshift Application Runtimes Text-Only Advisories x86_64
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Command injection
- Information disclosure
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2021:3459
- https://access.redhat.com/errata/RHSA-2021:3303
- https://access.redhat.com/errata/RHSA-2021:3466
- https://access.redhat.com/errata/RHSA-2021:3467
- https://access.redhat.com/errata/RHSA-2021:3468
- https://access.redhat.com/errata/RHSA-2021:3471
- https://access.redhat.com/errata/RHSA-2021:3473
- https://access.redhat.com/errata/RHSA-2021:3425