As BSI stories, an IT safety warning a couple of Red Hat OpenShift vulnerability has obtained an replace. You can examine which merchandise are affected by the safety hole right here at information.de.
Federal Office for Security in Information Technology (BSI) issued an replace on May 21, 2024 for a safety vulnerability in Red Hat OpenShift recognized on August 4, 2021. The safety vulnerability impacts the Linux working system and merchandise Amazon Linux 2, Red Hat Enterprise Linux, Oracle Linux, Gentoo Linux and Red Hat OpenShift.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability may be discovered right here: Red Hat Security Advisory RHSA-2024:2988 (From 22 May 2024). Some helpful sources are listed later on this article.
OpenShift Red Hat Security Advisory – Risk: Moderate
Risk stage: 3 (reasonable)
CVSS Base Score: 6.5
CVSS provisional rating: 5,7
Remote management: Ja
The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop techniques. The CVSS normal makes it potential to match potential or precise safety dangers primarily based on varied metrics to be able to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. For non permanent impact, body situations which will change over time are thought of within the take a look at. According to CVSS, the danger of the vulnerability talked about right here is rated as “reasonable” with 6.5 foundation factors.
Red Hat OpenShift Bug: Vulnerability Enables Denial of Service
Red Hat OpenShift is a “Platform as a Service” (PaaS) resolution for delivering purposes within the cloud.
A distant, unknown attacker might exploit a vulnerability in Red Hat OpenShift to conduct a denial of service assault.
Vulnerabilities are recognized by a CVE (Common Vulnerabilities and Exposures) serial quantity. CVE-2021-34558 on the market.
Systems affected by the safety hole at a look
working system
Linux
Products
Amazon Linux 2 (cpe:/o:amazon:linux_2)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Oracle Linux (cpe:/o:oracle:linux)
Gentoo Linux (cpe:/o:gentoo:linux)
Red Hat OpenShift (cpe:/a:redhat:openshift)
General suggestions for addressing IT safety gaps
- Users of affected techniques ought to keep up-to-date. When safety holes are recognized, producers are required to repair them shortly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
- For info, see the sources listed within the subsequent part. This usually accommodates extra details about the most recent model of the software program in query and the provision of safety patches or efficiency ideas.
- If you might have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to recurrently test the required sources to see if a brand new safety replace is accessible.
Manufacturer details about updates, patches and workarounds
Here one can find some hyperlinks with details about bug stories, safety fixes and workarounds.
Red Hat Security Advisory RHSA-2024:2988 vom 2024-05-22 (21.05.2024)
For extra info, see:
Red Hat Security Advisory RHSA-2022:7954 vom 2022-11-15 (15.11.2022)
For extra info, see:
Gentoo Linux Security Advisory GLSA-202208-02 vom 2022-08-09 (09.08.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:1372 vom 2022-04-14 (13.04.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:1329 vom 2022-04-12 (12.04.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0577 vom 2022-03-28 (28.03.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0988 vom 2022-03-24 (24.03.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0998 vom 2022-03-24 (23.03.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0947 vom 2022-03-16 (16.03.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0260 vom 2022-01-25 (25.01.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0237 vom 2022-01-24 (24.01.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2022:0191 vom 2022-01-20 (19.01.2022)
For extra info, see:
Red Hat Security Advisory RHSA-2021:5085 vom 2021-12-13 (13.12.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:5086 vom 2021-12-13 (13.12.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4914 vom 2021-12-02 (02.12.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4725 vom 2021-11-17 (17.11.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4722 vom 2021-11-17 (17.11.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4582 vom 2021-11-10 (10.11.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4226 vom 2021-11-09 (09.11.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:4104 vom 2021-11-02 (02.11.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3820 vom 2021-10-19 (19.10.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3759 vom 2021-10-18 (18.10.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3733 vom 2021-10-07 (06.10.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3598 vom 2021-09-21 (20.09.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3556 vom 2021-09-17 (16.09.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3555 vom 2021-09-16 (16.09.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3454 vom 2021-09-08 (07.09.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3248 vom 2021-08-31 (31.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3361 vom 2021-08-31 (30.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3259 vom 2021-08-25 (24.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3229 vom 2021-08-20 (19.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3009 vom 2021-08-12 (11.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3146 vom 2021-08-12 (11.08.2021)
For extra info, see:
Oracle Linux Security Advisory ELSA-2021-3076 vom 2021-08-12 (11.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:2983 vom 2021-08-10 (10.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3076 vom 2021-08-10 (10.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:2984 vom 2021-08-10 (09.08.2021)
For extra info, see:
Amazon Linux Security Advisory ALAS-2021-1694 vom 2021-08-06 (05.08.2021)
For extra info, see:
Red Hat Security Advisory RHSA-2021:3015 vom 2021-08-04 (04.08.2021)
For extra info, see:
Version historical past of this safety alert
This is the thirty fifth model of this Red Hat OpenShift IT safety advisory. If additional updates are introduced, this doc might be up to date. You can see the modifications made utilizing the model historical past beneath.
August 4, 2021 – First model
August 5, 2021 – New updates from Amazon have been added
08/09/2021 – New updates from Red Hat have been added
08/10/2021 – New updates from Red Hat have been added
August 11, 2021 – New updates from Oracle Linux and Red Hat have been added
08/16/2021 – References added: FEDORA-2021-0113144F35
08/19/2021 – New updates from Red Hat have been added
08/24/2021 – New updates from Red Hat have been added
08/30/2021 – New updates from Red Hat have been added
08/31/2021 – New updates from Red Hat have been added
09/07/2021 – New updates from Red Hat have been added
September 16, 2021 – New updates from Red Hat have been added
09/20/2021 – New updates from Red Hat have been added
October 3, 2021 – References added: FEDORA-2021-C35235C250
October 6, 2021 – New updates from Red Hat have been added
October 18, 2021 – New updates from Red Hat have been added
October 19, 2021 – New updates from Red Hat have been added
November 2, 2021 – New updates from Red Hat have been added
November 9, 2021 – New updates from Red Hat have been added
11/10/2021 – New updates from Red Hat added
November 17, 2021 – New updates from Red Hat have been added
12/02/2021 – New updates from Red Hat have been added
12/13/2021 – New updates from Red Hat added
01/19/2022 – New updates from Red Hat have been added
01/24/2022 – New updates from Red Hat have been added
01/25/2022 – New updates from Red Hat have been added
03/16/2022 – New updates from Red Hat have been added
03/23/2022 – New updates from Red Hat have been added
03/24/2022 – New updates from Red Hat have been added
03/28/2022 – New updates from Red Hat have been added
April 12, 2022 – New updates from Red Hat have been added
April 13, 2022 – New updates from Red Hat have been added
08/09/2022 – New updates from Gentoo added
November 15, 2022 – New updates from Red Hat have been added
May 21, 2024 – New updates from Red Hat added
+++ Editorial word: This doc relies on present BSI information and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
observe News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here one can find sizzling information, present movies and a direct line to the editorial group.
kns/roj/information.de