Advisory for Red Hat Security Updates

  • NIC-CERT/2022-12/507
  • Date: 2022-12-14
  • CVE ID: Multiple
  • Severity: High

Description:

A vulnerability has been found in Red Hat products which could allow an attacker to take control of the affected system.

Security Issues Fixed:

Red Hat has issued security advisories containing important updates for products such as:

  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support

Affected Products & Solution:

Each entry below lists the CVE IDs, the affected products, and the synopsis of the corresponding update.

CVE: CVE-2022-1158, CVE-2022-2639
Product:
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Synopsis: kpatch-patch security update

CVE: CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: thunderbird security update

CVE: CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
Synopsis: firefox security update

CVE: CVE-2022-2601, CVE-2022-3775
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
Synopsis: grub2 security and bug fix update

CVE: CVE-2022-42010, CVE-2022-42011, CVE-2022-42012
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: dbus security update

CVE: CVE-2022-0918, CVE-2022-0996, CVE-2022-2850
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: 389-ds-base security update

CVE: CVE-2022-1158, CVE-2022-2639, CVE-2022-2959, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-29900, CVE-2022-29901, CVE-2022-43945
Product:
  • Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.0 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.0 x86_64
Synopsis: kernel-rt security and bug fix update

CVE: CVE-2022-1158, CVE-2022-2639, CVE-2022-2959, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-29900, CVE-2022-29901, CVE-2022-43945
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
Synopsis: kernel security and bug fix update

CVE: CVE-2019-25058
Product:
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Synopsis: usbguard security update

CVE: CVE-2022-3782, CVE-2022-3916
Product:
  • Red Hat Single Sign-On Text-Only Advisories x86_64
Synopsis: Red Hat Single Sign-On 7.6.1 security update

CVE: CVE-2016-3709, CVE-2022-1304, CVE-2022-3782, CVE-2022-3916, CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22662, CVE-2022-26700, CVE-2022-26709, CVE-2022-26710, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719, CVE-2022-27404, CVE-2022-27405, CVE-2022-27406, CVE-2022-30293, CVE-2022-37434, CVE-2022-42898
Product:
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x
Synopsis: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images

CVE: CVE-2022-3782, CVE-2022-3916
Product:
  • Red Hat Single Sign-On 7.6 for RHEL 9 x86_64
Synopsis: Red Hat Single Sign-On 7.6.1 security update on RHEL 9

CVE: CVE-2022-3782, CVE-2022-3916
Product:
  • Red Hat Single Sign-On 7.6 for RHEL 8 x86_64
Synopsis: Red Hat Single Sign-On 7.6.1 security update on RHEL 8

CVE: CVE-2022-3782, CVE-2022-3916
Product:
  • Red Hat Single Sign-On 7.6 for RHEL 7 x86_64
Synopsis: Red Hat Single Sign-On 7.6.1 security update on RHEL 7

CVE: CVE-2022-42920
Product:
  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Synopsis: bcel security update

CVE: CVE-2022-1158, CVE-2022-2639
Product:
  • Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
Synopsis: kernel-rt security and bug fix update

CVE: CVE-2022-1158, CVE-2022-2639
Product:
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Synopsis: kernel security and bug fix update

CVE: CVE-2022-1292, CVE-2022-2068
Product:
  • JBoss Enterprise Web Server Text-Only Advisories x86_64
Synopsis: Red Hat JBoss Web Server 5.7.1 release and security update

Users are advised to visit the following URL and follow the steps to apply the fixes.

https://access.redhat.com/articles/11258

References:

https://access.redhat.com/security/security-updates/#/

https://access.redhat.com/security/updates/classification/#important