Advisory for Red Hat Security Updates

  • NIC-CERT/2022-10/430
  • Date: 2022-10-12
  • CVE ID: Multiple
  • Severity: Low

A. Description:

A vulnerability has been found in Red Hat products which could allow an attacker to take control of the affected system.

B. Security Issues Fixed:

Red Hat has released security updates for OpenShift Virtualization, expat, kernel and ruby.

C. Affected Products & Solution:

CVE: CVE-2018-25032, CVE-2022-0494, CVE-2022-1271, CVE-2022-1353, CVE-2022-1798, CVE-2022-2526, CVE-2022-23852, CVE-2022-29154
Product:
  • Red Hat Container Native Virtualization 4.8 for RHEL 8 x86_64
  • Red Hat Container Native Virtualization 4.8 for RHEL 7 x86_64
Synopsis: OpenShift Virtualization 4.8.7 Images bug fixes and security update

CVE: CVE-2022-40674
Product:
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Synopsis: expat security update

CVE: CVE-2022-2588
Product:
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Synopsis: kpatch-patch security update

CVE: CVE-2022-2588, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166
Product:
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Synopsis: kernel security update

CVE: CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28738, CVE-2022-28739
Product:
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Synopsis: rh-ruby30-ruby security, bug fix, and enhancement update

CVE: CVE-2021-41816, CVE-2021-41817, CVE-2021-41819, CVE-2022-28739
Product:
  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Synopsis: rh-ruby27-ruby security, bug fix, and enhancement update

Users are advised to visit the following URL and follow the steps to apply the fixes.

https://access.redhat.com/articles/11258

D. References:

https://access.redhat.com/security/security-updates/#/

https://access.redhat.com/security/updates/classification/#important