Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Red Hat Enterprise Linux 8 RHSA-2021-1983-01: Critical DoS Risk Mitigation

red hat
Calendar Grey May 18, 2021
Dist Redhat Esm H88
Ubuntu Linux 20.04 has released a critical patch for the network manager:NM2 addressing a potential DDoS vulnerability. Keep informed!
An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
* slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory security update critical DoS Red Hat Enterprise risk mitigation idm module

References

https://access.redhat.com/security/cve/CVE-2021-3480 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.src.rpm custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm ipa-4.9.2-3.module+el8.4.0+10412+5ecb5b37.src.rpm ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8.src.rpm opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.src.rpm python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm slapi-nis-0.56.6-2.module+el8.4.0+10615+2234cc2c.src.rpm softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.src.rpm
aarch64: bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm bind-dyndb-ldap-debugsource-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm ipa-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2021:1983-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1983
Issue date: 2021-05-18

Topic

An update for the idm:DL1 module is now available for Red Hat EnterpriseLinux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory security update critical DoS Red Hat Enterprise risk mitigation idm module

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1944640 - CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here