Advisory for Red Hat Security Updates

  • NIC-CERT/2022-08/334
  • Date: 2022-08-01
  • CVE ID: Multiple
  • Severity: Critical

A. Description:

A vulnerability has been found in Red Hat products which could allow an attacker to take control of the affected system.

B. Security Issues Fixed:

Red Hat has rolled out security updates covering RHEL Server and Workstation, OpenJDK Java and Red Hat OpenShift, addressing issues such as SQL injection and improper restriction.

C. Affected Products & Solution:

CVE: CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2021-46669 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458 CVE-2022-31622 CVE-2022-31623 CVE-2022-32083 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087 CVE-2022-32088
Product:
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Synopsis: rh-mariadb105-galera and rh-mariadb105-mariadb security and bugfix update

CVE: CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169
Product:
  • OpenJDK Java (for Middleware) 1 x86_64
Synopsis: OpenJDK 17.0.4 Security Update for Portable Linux Builds and Windows Builds

CVE: CVE-2022-21540 CVE-2022-21541 CVE-2022-34169
Product:
  • OpenJDK Java (for Middleware) 1 x86_64
Synopsis: OpenJDK 11.0.16 security update for Portable Linux Builds and Windows Builds

CVE: CVE-2022-21540 CVE-2022-21541 CVE-2022-34169
Product:
  • OpenJDK Java (for Middleware) 1 x86_64
Synopsis: OpenJDK 8u342 Windows builds release and security update

CVE: CVE-2018-25032 CVE-2021-3634 CVE-2021-40528 CVE-2022-1271 CVE-2022-22576 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782 CVE-2022-29526 CVE-2022-29824
Product:
  • Secondary Scheduler Operator for Red Hat OpenShift (OSSO) 1.0 x86_64
Synopsis: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update

CVE: CVE-2022-34265
Product:
  • Red Hat Update Infrastructure 4 x86_64
Synopsis: Django 3.2.14 Security Update

CVE: CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-34169
Product:
  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Users are advised to visit the following URLs and follow the steps to apply the fixes.

https://access.redhat.com/articles/11258

https://access.redhat.com/documentation/en-us/openjdk/17/html/installing_and_using_openjdk_17_on_rhel/installing-openjdk11-on-rhel8_openjdk#installing-jdk11-on-rhel-using-archive_openjdk

https://access.redhat.com/documentation/en-us/openjdk/17/html/installing_and_using_openjdk_17_for_windows/index

https://access.redhat.com/documentation/en-us/openjdk/11/html/installing_and_using_openjdk_11_for_windows/index

https://docs.openshift.com/container-platform/4.10/nodes/scheduling/secondary_scheduler/nodes-secondary-scheduler-release-notes.html#secondary-scheduler-operator-release-notes-1.0.1

D. References:

https://access.redhat.com/security/security-updates/#/

https://access.redhat.com/security/updates/classification/#important