Red Hat Updates
2473Warning Date
Severity Level
Warning Number
Target Sector
9 March, 2021
● High
2021-2585
All
Description:
Red Hat has released security updates to address several vulnerabilities in the following products:
- nodejs:10
- Red Hat Enterprise Linux Server – TUS
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- nodejs:12
- Red Hat Enterprise Linux for x86_64 - Extended Update Support
- Red Hat Enterprise Linux Server – TUS
- nodejs:14
- Red Hat Enterprise Linux for x86_64
- screen
- Red Hat Enterprise Linux Workstation
- virt:8.2 and virt-devel:8.2
- Red Hat Enterprise Linux Advanced Virtualization (for RHEL Server for IBM System Z)
- Red Hat Enterprise Linux Advanced Virtualization
- Red Hat Enterprise Linux Advanced Virtualization (for RHEL Server for IBM Power LE)
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Escalation of privilege
- Execute arbitrary code
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to review Red Hat security advisory and apply the necessary updates:
- https://access.redhat.com/errata/RHSA-2021:0738
- https://access.redhat.com/errata/RHSA-2021:0739
- https://access.redhat.com/errata/RHSA-2021:0740
- https://access.redhat.com/errata/RHSA-2021:0741
- https://access.redhat.com/errata/RHSA-2021:0742
- https://access.redhat.com/errata/RHSA-2021:0743
- https://access.redhat.com/errata/RHSA-2021:0744