On Monday, August 30th, 2021, another notable high-risk vulnerability was reported. The vulnerability affects software shipped by Red Hat, Inc., the open-source software provider owned by IBM, and can result in the complete compromise of a system that has not been patched with the latest security fix.
Who Are Red Hat?
Red Hat is a multi-billion dollar IBM subsidiary company that provides open-source software. According to the official website, “Red Hat delivers hardened, open source solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.” Established in 1993, Red Hat offers a vast range of products, such as platforms, storage, application services, application development, cloud computing solutions, and automation/management solutions. Red Hat, Inc. was acquired for $34 billion in 2018, in one of IBM’s most historic acquisitions.
The Red Hat Software Vulnerability
On August 30th, 2021, a software vulnerability report was published on Red Hat’s Security Advisory Product Errata Customer Portal. The report concerns Red Hat Enterprise Linux, which is Red Hat’s commercial Linux distribution product. It is a high-risk vulnerability in Red Hat Enterprise Linux, specifically version 8.2. This software vulnerability can be exploited by attackers on a system that does not have the latest security fix, and can ultimately lead to complete compromise of a vulnerable system.
Technical Details Surrounding The Vulnerability
The official security advisory report provides further in-depth technical details surrounding the vulnerability. The vulnerability allows a remote attacker to execute arbitrary code on the target system. It exists due to a boundary error in the msadpcm_decode_block() function of libsndfile. A remote attacker can trick the victim into opening a specially crafted WAV file, trigger a heap-based buffer overflow and execute arbitrary code on the target system. If successfully exploited, this vulnerability may result in the complete compromise of a targeted system that has not been updated to the latest patch. The Common Vulnerabilities and Exposures (CVE) identifier for this software vulnerability is CVE-2021-3246. The vulnerability was marked as important by Red Hat, with in-depth technical specifications of the issue found here.
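The boundary error described above is the classic pattern of a decoder trusting sizes declared in an untrusted file header. The following added example (written for this page; it is not libsndfile's code and does not reproduce its patch) shows the defensive check a practitioner would expect before decoding MS-ADPCM blocks: every block carries a fixed 7-byte preamble per channel followed by 4-bit sample nibbles, so the header's samples-per-block value is bounded by the block size and must be validated before any output buffer is written. The parameter struct, the function names and the constructed 10-byte block are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Illustrative MS-ADPCM header check (added example, not libsndfile code).
 * Per channel, a block starts with a 7-byte preamble: predictor index (1),
 * initial delta (2), sample1 (2), sample2 (2). The rest of the block is
 * 4-bit nibbles, one sample each, channels interleaved. */
#define MSADPCM_PREAMBLE_BYTES 7

typedef struct {
    uint16_t channels;          /* nChannels from the WAV fmt chunk */
    uint16_t block_align;       /* nBlockAlign: bytes per compressed block */
    uint16_t samples_per_block; /* wSamplesPerBlock from the fmt extension */
} msadpcm_params;               /* hypothetical struct for this example */

/* Largest samples_per_block a block of this size can actually hold,
 * or 0 if the block cannot even contain the per-channel preambles. */
unsigned msadpcm_max_samples_per_block(unsigned channels, unsigned block_align)
{
    if (channels == 0 || block_align < MSADPCM_PREAMBLE_BYTES * channels)
        return 0;
    unsigned nibble_bytes = block_align - MSADPCM_PREAMBLE_BYTES * channels;
    return 2 + (nibble_bytes * 2) / channels; /* 2 seed samples + nibbles */
}

/* 1 if the header values are mutually consistent, 0 otherwise. */
int msadpcm_params_valid(const msadpcm_params *p)
{
    if (p->channels < 1 || p->channels > 2) return 0; /* MS-ADPCM is mono/stereo */
    unsigned max = msadpcm_max_samples_per_block(p->channels, p->block_align);
    if (max == 0) return 0;
    return p->samples_per_block >= 2 && p->samples_per_block <= max;
}

/* Unpacks one block into `out` (seed samples, then raw nibble codes; the
 * predictor is deliberately left out to keep the example short). The
 * sample count comes only from *validated* parameters and is checked
 * against out_capacity, so a crafted header cannot push writes past the
 * buffer. Returns samples written, or -1 on any inconsistency. */
int msadpcm_unpack_block(const msadpcm_params *p, const uint8_t *block,
                         size_t block_len, int16_t *out, size_t out_capacity)
{
    if (!msadpcm_params_valid(p) || block_len != p->block_align) return -1;
    size_t total = (size_t)p->samples_per_block * p->channels;
    if (total > out_capacity) return -1;

    const uint8_t *hdr = block + p->channels; /* skip predictor bytes */
    size_t n = 0;
    for (unsigned c = 0; c < p->channels; c++) {   /* sample2 (older) first */
        size_t off = 4 * p->channels + 2 * c;
        out[n++] = (int16_t)(hdr[off] | (hdr[off + 1] << 8));
    }
    for (unsigned c = 0; c < p->channels; c++) {   /* then sample1 */
        size_t off = 2 * p->channels + 2 * c;
        out[n++] = (int16_t)(hdr[off] | (hdr[off + 1] << 8));
    }
    /* Remaining samples are nibbles, high nibble first. The validated
     * bound guarantees (total - n) / 2 never exceeds the nibble bytes. */
    const uint8_t *nib = block + MSADPCM_PREAMBLE_BYTES * p->channels;
    size_t remaining = total - n;
    for (size_t i = 0; i < remaining; i++) {
        uint8_t b = nib[i / 2];
        out[n++] = (i & 1) ? (int16_t)(b & 0x0F) : (int16_t)(b >> 4);
    }
    return (int)n;
}

/* Constructed mono block (10 bytes): predictor 0, delta 16, sample1 100,
 * sample2 -3, then nibbles 1..6. Returns 1 if unpacking matches expectations
 * and an oversized header-declared count is rejected. */
int msadpcm_demo_ok(void)
{
    static const uint8_t block[10] = {0x00, 0x10, 0x00, 0x64, 0x00,
                                      0xFD, 0xFF, 0x12, 0x34, 0x56};
    static const int16_t expect[8] = {-3, 100, 1, 2, 3, 4, 5, 6};
    int16_t out[8];
    msadpcm_params p = {1, 10, 8};               /* 2 + 3*2 = 8 samples max */
    if (msadpcm_unpack_block(&p, block, sizeof block, out, 8) != 8) return 0;
    for (int i = 0; i < 8; i++) if (out[i] != expect[i]) return 0;
    p.samples_per_block = 9;                     /* header lies: reject it */
    return msadpcm_unpack_block(&p, block, sizeof block, out, 8) == -1;
}

int main(void)
{
    printf("mono/256-byte block max samples: %u\n", msadpcm_max_samples_per_block(1, 256));
    printf("demo %s\n", msadpcm_demo_ok() ? "ok" : "FAILED");
    return 0;
}
```

The point of the example is the ordering: derive the sample count from values that have already been checked against the block size and the output capacity, and fail closed on any mismatch, rather than sizing writes from a header field that an attacker controls.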
Vulnerable Software Versions
The security advisory report on the official Red Hat web page lists the software versions of Red Hat Enterprise Linux that are currently vulnerable as a result of this security flaw:
Red Hat Enterprise Linux for x86_64 – Extended Update Support 8.2 x86_64
Red Hat Enterprise Linux Server – AUS 8.2 x86_64
Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 8.2 s390x
Red Hat Enterprise Linux for Power, little endian – Extended Update Support 8.2 ppc64le
Red Hat Enterprise Linux Server – TUS 8.2 x86_64
Red Hat Enterprise Linux for ARM 64 – Extended Update Support 8.2 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) – Update Services for SAP Solutions 8.2 ppc64le
Red Hat Enterprise Linux Server – Update Services for SAP Solutions 8.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 – Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian – Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems – Extended Update Support 8.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 – Extended Update Support 8.2 aarch64
Important User Information
Users should know that a fix for this security vulnerability has been released. The official Red Hat Security Advisory provides a security patch for the ‘libsndfile’ security flaw detailed above. Users/customers should visit this section for information on how to apply package updates.