
أصدر المركز الوطني الإرشادي للأمن السيبراني (Saudi CERT) تحذير أمني بتاريخ اليوم 18 نوفمبر 2021 على النحو التالي:
مستوى الخطورة ● متوسط
رقم التحذير: 2021-3899
القطاع المستهدف: الكل
الوصف:
أصدرت Red Hat عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:
- OpenShift Virtualization 2.6.8
- Red Hat Container Native Virtualization 2.6 for RHEL 8 x86_64
- Red Hat Container Native Virtualization 2.6 for RHEL 7 x86_64
- devtoolset-10-annobin
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
- Red Hat Software Collections (for RHEL Server for IBM Power) 1 for RHEL 7.7 ppc64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
- Red Hat Software Collections (for RHEL Server for IBM Power) 1 for RHEL 7 ppc64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
- devtoolset-10-binutils
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7.7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7.7 ppc64le
- Red Hat Software Collections (for RHEL Server for IBM Power) 1 for RHEL 7.7 ppc64
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
- Red Hat Software Collections (for RHEL Server for IBM Power) 1 for RHEL 7 ppc64
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
- OpenShift Virtualization 2.6.8 RPMs
- Red Hat Container Native Virtualization 2.6 for RHEL 8 x86_64
- Red Hat Container Native Virtualization 2.6 for RHEL 7 x86_64
- Openshift Logging 5.2.3
- Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
- Openshift Logging 5.1.4
- Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
التهديدات:
يمكن للمهاجم استغلال الثغرات من خلال تنفيذ برمجيات خبيثة.
الإجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت Red Hat توضيحًا لهذه التحديثات:
- https://access.redhat.com/errata/RHSA-2021:4725
- https://access.redhat.com/errata/RHSA-2021:4724
- https://access.redhat.com/errata/RHSA-2021:4723
- https://access.redhat.com/errata/RHSA-2021:4722
- https://access.redhat.com/errata/RHSA-2021:4032
- https://access.redhat.com/errata/RHSA-2021:4628



