Advisory for RedHat Security Updates
- NIC-CERT/2022-08/334
- Date: 2022-08-01
- CVE ID: Multiple
- Severity: Critical
Advisory for RedHat Security Updates
A. Description:
A vulnerability has been found in redhat products which could allow an attacker to take control of the affected system.
B. Security Issues Fixed:
Red Hat has rolled out various security updates which consist of RHEL Server and Workstation, OpenJDK Java, Red Hat Open Shift, SQL injection, improper restriction etc.
C. Affected Products & Solution:
|
CVE |
Product |
Synopsis |
|
CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2021-46669 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458 CVE-2022-31622 CVE-2022-31623 CVE-2022-32083 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087 CVE-2022-32088 |
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64 Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64 |
rh-mariadb105-galera and rh-mariadb105-mariadb security and bugfix update |
|
CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169 |
OpenJDK Java (for Middleware) 1 x86_64 |
OpenJDK 17.0.4 Security Update for Portable Linux Builds and Windows Builds |
|
CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 |
OpenJDK Java (for Middleware) 1 x86_64 |
OpenJDK 11.0.16 security update for Portable Linux Builds and Windows Builds |
|
CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 |
OpenJDK Java (for Middleware) 1 x86_64 |
OpenJDK 8u342 Windows builds release and security update |
|
CVE-2018-25032 CVE-2021-3634 CVE-2021-40528 CVE-2022-1271 CVE-2022-22576 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782 CVE-2022-29526 CVE-2022-29824 |
Secondary Scheduler Operator for Red Hat OpenShift (OSSO) 1.0 x86_64 |
Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update |
|
CVE-2022-34265 |
Red Hat Update Infrastructure 4 x86_64 |
Django 3.2.14 Security Update |
|
CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169 |
Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64 Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x |
Users are advised to visit following URL and follow the steps to apply fixes.
https://access.redhat.com/articles/11258
https://access.redhat.com/documentation/en-us/openjdk/17/html/installing_and_using_openjdk_17_on_rhel/installing-openjdk11-on-rhel8_openjdk#installing-jdk11-on-rhel-using-archive_openjdk
https://access.redhat.com/documentation/en-us/openjdk/17/html/installing_and_using_openjdk_17_for_windows/index
https://access.redhat.com/documentation/en-us/openjdk/11/html/installing_and_using_openjdk_11_for_windows/index
https://docs.openshift.com/container-platform/4.10/nodes/scheduling/secondary_scheduler/nodes-secondary-scheduler-release-notes.html#secondary-scheduler-operator-release-notes-1.0.1
D. References:
https://access.redhat.com/security/security-updates/#/
https://access.redhat.com/security/updates/classification/#important
