Security Advisory for Red Hat Security Update

  • NIC-CERT/2022-04/210
  • Date: 2022-04-29
  • CVE ID: Multiple
  • Severity: High

A. Description:

Red Hat has released security updates to fix vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to compromise the target server and execute privileged commands.

B. Security Issues Fixed:

Red Hat has fixed multiple vulnerabilities like Remote Code Execution(RCE) etc.

C. Affected Products & Solution:

CVE

Product

Synopsis

CVE-2022-25235

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64

Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le

Red Hat Enterprise Linux Server - TUS 8.4 x86_64

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

Red Hat Enterprise Linux for ARM 64 8 aarch64

xmlrpc-c security update

CVE-2018-25032

Red Hat Enterprise Linux for x86_64 8 x86_64

Red Hat Enterprise Linux for IBM z Systems 8 s390x

Red Hat Enterprise Linux for Power, little endian 8 ppc64le

Red Hat Enterprise Linux for ARM 64 8 aarch64

Red Hat CodeReady Linux Builder for x86_64 8 x86_64

Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le

Red Hat CodeReady Linux Builder for ARM 64 8 aarch64

Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

zlib security update

CVE-2021-44716

Red Hat Gluster Storage Web Administration (for RHEL Server) 3.1 x86_64

web-admin-build security update

CVE-2021-43859

CVE-2022-25173

CVE-2022-25174

CVE-2022-25175

CVE-2022-25176

CVE-2022-25177

CVE-2022-25178

CVE-2022-25179

CVE-2022-25180

CVE-2022-25181

CVE-2022-25182

CVE-2022-25183

CVE-2022-25184

Red Hat OpenShift Container Platform 3.11 x86_64

Red Hat OpenShift Container Platform for Power 3.11 ppc64le

OpenShift Container Platform 3.11.685 security and bug fix update

CVE-2022-0435

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1 x86_64

kpatch-patch security update

CVE-2022-0852

Convert2RHEL 6 x86_64

Convert2RHEL 7 x86_64

Convert2RHEL 8 x86_64

convert2rhel security update


Users are advised to visit following URL and follow the steps to apply fixes.

https://access.redhat.com/articles/11258


D. References:

https://access.redhat.com/security/security-updates/#/