The Qualys Research Labs discovered a buffer overflow in the dynamic
loader's processing of the GLIBC_TUNABLES environment variable An
attacker can exploit this flaw for privilege escalation
Details can be found in the Qualys advisory at
wwwqualyscom/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-sotxt
For ...
Description<!---->A buffer overflow was discovered in the GNU C Library's dynamic loader ldso while processing the GLIBC_TUNABLES environment variable This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privilegesA buffe ...
Synopsis
Important: Migration Toolkit for Runtimes security update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Runtimes 121 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating ...
Synopsis
Moderate: Red Hat Virtualization Host 44z SP 1 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for ...
Synopsis
Important: glibc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for glibc is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a secu ...
概要
Important: Updated IBM Business Automation Manager Open Editions 804 SP1 Images
タイプ/重大度
Security Advisory: Important
トピック
An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform
説明
IBM Business Automation Manager Open Editions is ...
Synopsis
Important: Fence Agents Remediation Operator 021 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version for the fence-agents-remediation-operator-bundle-container and the fence-agents-remediation-operator-container It is now available for Fence Agents Remediation 02 for RHEL 8Red Hat Product ...
Synopsis
Important: OpenShift Virtualization 4128 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4128 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact o ...
Synopsis
Important: Cryostat security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Cryostat 2 on RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available ...
概要
Important: OpenShift Container Platform 41317 bug fix and security update
タイプ/重大度
Security Advisory: Important
トピック
Red Hat OpenShift Container Platform release 41317 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Ha ...
Synopsis
Important: glibc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for glibc is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Security has rated th ...
Synopsis
Important: Red Hat OpenShift Pipelines 1106 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Pipelines 1106 has been releasedRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: Node Health Check Operator 061 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version for the node-healthcheck-must-gather-container, the node-healthcheck-operator-bundle-container, the node-healthcheck-operator-container, and the node-remediation-console-container It is now availabl ...
Synopsis
Important: OpenShift Container Platform 413 low-latency extras security update
Type/Severity
Security Advisory: Important
Topic
An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-must-gather NUMA-aware secondary scheduler and numaresources-operator is now available for Red Hat OpenShift Container Plat ...
Synopsis
Important: Red Hat OpenShift Enterprise security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform low-latency extras release 412, which provides an update for cnf-tests-container, performance-addon-operator-must-gather-rhel8-container, NUMA-aware secondary scheduler and numaresources-opera ...
Synopsis
Important: Secondary Scheduler Operator for Red Hat OpenShift 120
Type/Severity
Security Advisory: Important
Topic
Secondary Scheduler Operator for Red Hat OpenShift 120
Description
The Secondary Scheduler Operator for Red Hat OpenShift is an optionaloperator that makes it possible to deploy a secondary scheduler byproviding a ...
Synopsis
Important: Kernel Module Management security update
Type/Severity
Security Advisory: Important
Topic
This is an update for the Red Hat OpenShift Kernel Module Management 11 operator and images to address CVE-2023-44487 which Red Hat has assessed as being Important (sees accessredhatcom/security/cve/CVE-2023-44487 for detai ...
Synopsis
Important: Migration Toolkit for Applications security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for MTA-61-RHEL-8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis
Important: Release of OpenShift Serverless 1302
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Serverless version 1302 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 621 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Important: glibc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for glibc is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a secu ...
Synopsis
Important: OpenShift Container Platform 41241 security and extras update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41241 is now available with updates to packages and images that fix several bugsThis release includes a security update for Red Hat OpenShift Container Platform 4 ...
Synopsis
Important: OpenShift Virtualization 4117 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4117 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...
Synopsis
Important: Network Observability security update
Type/Severity
Security Advisory: Important
Topic
An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-opera ...
Synopsis
Important: Logging Subsystem 577 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Important
Topic
Logging Subsystem 577 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sev ...
Synopsis
Important: Logging Subsystem 5612 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Important
Topic
Logging Subsystem 5612 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed s ...
Synopsis
Important: Red Hat OpenShift Service Mesh for 238 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Service Mesh 23 for RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis
Important: Red Hat OpenShift Service Mesh for 2211 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Service Mesh 22 for RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base s ...
概述
Important: Red Hat OpenStack Platform 1625 security update
类型/严重性
Security Advisory: Important
标题
An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 1625Red Hat Produ ...
Synopsis
Important: RHACS 41 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS) The updated image includes new features and bug fixesRed Hat Product Security has rated this update as having a security impact of Important A Common V ...
Synopsis
Important: Self Node Remediation Operator 051 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Commo ...
Synopsis
Important: Red Hat OpenShift Service Mesh for 244 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift Service Mesh 24 for RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis
Important: Node Health Check Operator 041
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Health Check Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: Node Maintenance Operator 521 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Maintenance Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Synopsis
Important: Node Maintenance Operator 501 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Maintenance Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Synopsis
Important: Red Hat OpenStack Platform 1711 (director-operator) security update
Type/Severity
Security Advisory: Important
Topic
An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17 ...
Synopsis
Important: OpenShift Container Platform 41152 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41152 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: OpenShift Container Platform 41239 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41239 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: glibc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for glibc is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security has rated th ...
Synopsis
Important: Red Hat OpenShift Pipelines Operator security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for OpenShift-Pipelines-111-RHEL-8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: OpenShift Virtualization 4135 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4135 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact o ...
Synopsis
Important: Self Node Remediation Operator 071 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator This Operator is delivered by Red Hat Workload AvailabilityRed Hat Product Security has rated this update as having a security impact of Important A Commo ...
概要
Important: OpenShift Container Platform 411 low-latency extras update
タイプ/重大度
Security Advisory: Important
トピック
An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411 Secondary scheduler builds ...
Synopsis
Important: cert-manager Operator for Red Hat OpenShift 1121
Type/Severity
Security Advisory: Important
Topic
cert-manager Operator for Red Hat OpenShift 1121Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...