QID 240887
Date Published: 2022-11-16
QID 240887: Red Hat Update for ignition security (RHSA-2022:8126)
Ignition is a utility used to manipulate systems during the initramfs.
This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.),
And configuring users.
On first boot, ignition reads its configuration from a source of truth (remote url, network metadata service, hypervisor bridge, etc.)
And applies the configuration...Security Fix(es):
- ignition: configs are accessible from unprivileged containers in vms running on vmware products (cve-2022-1706).
- Red Hat enterprise linux for x86_64 9 x86_64.
Red hat enterprise linux for ibm z systems 9 s390x.
Red hat enterprise linux for power, little endian 9 ppc64le.
Red hat enterprise linux for arm 64 9 aarch64.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Red Hat security advisory RHSA-2022:8126 for updates and patch information.
Vendor References
- RHSA-2022:8126 -
access.redhat.com/errata/RHSA-2022:8126
CVEs related to QID 240887
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| RHSA-2022:8126 | Red Hat Enterprise Linux |
access.redhat.com/errata/RHSA-2022:8126 |