Red Hat Updates
1715Warning Date
Severity Level
Warning Number
Target Sector
2 September, 2020
● High
2020-1713
All
Description:
Red Hat has released security updates to address vulnerabilities in the following products:
- virt:8.2 and virt-devel:8.2
- Red Hat Enterprise Linux Advanced Virtualization (for RHEL Server for IBM System Z)
- Red Hat Enterprise Linux Advanced Virtualization
- Red Hat JBoss Fuse/A-MQ 6.3 R17
- Red Hat JBoss Middleware
- Libvncserve
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions
- kernel
- Red Hat Enterprise Linux Server – TUS
- OpenShift Container Platform 4.4.19 openshift
- Red Hat OpenShift Container Platform
- OpenShift Container Platform 4.4.19 openshift-enterprise-hyperkube-container
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE
- Red Hat OpenShift Container Platform for Power
- Red Hat OpenShift Container Platform
- Ansible
- Red Hat Ansible Engine
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Execute arbitrary code
- Escalation of privilege
- Unauthorized disclosure of information
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2020:3586
- https://access.redhat.com/errata/RHSA-2020:3587
- https://access.redhat.com/errata/RHSA-2020:3588
- https://access.redhat.com/errata/RHSA-2020:3598
- https://access.redhat.com/errata/RHSA-2020:3579
- https://access.redhat.com/errata/RHSA-2020:3580
- https://access.redhat.com/errata/RHSA-2020:3600
- https://access.redhat.com/errata/RHSA-2020:3601
- https://access.redhat.com/errata/RHSA-2020:3602