Advisory for Red Hat Security Updates

  • NIC-CERT/2022-10/424
  • Date: 2022-10-10
  • CVE ID: Multiple
  • Severity: High

A. Description:

A vulnerability has been found in Red Hat products that could allow an attacker to take control of the affected system.

B. Security Issues Fixed:

Red Hat has rolled out security updates for Open vSwitch, squid and expat.

C. Affected Products & Solution:

CVE: CVE-2022-2132
Product:
  • Red Hat Enterprise Linux Fast Datapath 7 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7 s390x
Synopsis: openvswitch2.11 security update

CVE: CVE-2022-41318
Product:
  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: squid security update

CVE: CVE-2022-40674
Product:
  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: expat security update

CVE: CVE-2021-22569, CVE-2021-37136, CVE-2021-37137, CVE-2021-41269, CVE-2022-0235, CVE-2022-0536, CVE-2022-0981, CVE-2022-21724, CVE-2022-23647, CVE-2022-24771, CVE-2022-24772, CVE-2022-24773, CVE-2022-25647, CVE-2022-25857, CVE-2022-25858, CVE-2022-26520, CVE-2022-31129, CVE-2022-37734
Product:
  • Red Hat Integration - Service Registry 1 x86_64
Synopsis: Service Registry (container images) release and security update [2.3.0.GA]

CVE: CVE-2022-40674
Product:
  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Synopsis: expat security update

CVE: CVE-2022-25857
Product:
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Synopsis: prometheus-jmx-exporter security update

CVE: CVE-2022-1259, CVE-2022-2053, CVE-2022-25857
Product:
  • JBoss Enterprise Application Platform Text-Only Advisories x86_64
Synopsis: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

CVE: CVE-2022-25857, CVE-2022-37734, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752
Product:
  • Red Hat Openshift Application Runtimes Text-Only Advisories x86_64
Synopsis: Red Hat build of Eclipse Vert.x 4.3.3 security update

CVE: CVE-2020-36518, CVE-2022-24823, CVE-2022-25647, CVE-2022-34917
Product:
  • Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64
Synopsis: Red Hat AMQ Streams 2.2.0 release and security update

CVE: CVE-2022-41318
Product:
  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Synopsis: squid security update

CVE: CVE-2020-7746, CVE-2020-36518, CVE-2021-23436, CVE-2021-44906, CVE-2022-0235, CVE-2022-0722, CVE-2022-1365, CVE-2022-1650, CVE-2022-2458, CVE-2022-21363, CVE-2022-21724, CVE-2022-23437, CVE-2022-23913, CVE-2022-24771, CVE-2022-24772, CVE-2022-24785, CVE-2022-26520, CVE-2022-31129
Product:
  • Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64
Synopsis: Red Hat Process Automation Manager 7.13.1 security update

CVE: CVE-2020-36518, CVE-2021-42392, CVE-2021-43797, CVE-2022-0084, CVE-2022-0225, CVE-2022-0866, CVE-2022-2256, CVE-2022-2668
Product:
  • Red Hat Single Sign-On Text-Only Advisories x86_64
Synopsis: Red Hat Single Sign-On 7.5.3 security update

CVE: CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
Product:
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
Synopsis: bind9.16 security update

CVE: CVE-2022-38177, CVE-2022-38178
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Synopsis: bind security update

CVE: CVE-2022-41318
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Synopsis: squid:4 security update

Users are advised to visit the following URL and follow the steps to apply the fixes.

https://access.redhat.com/articles/11258

D. References:

https://access.redhat.com/security/security-updates/#/

https://access.redhat.com/security/updates/classification/#important