Rewterz Threat Advisory – CVE-2021-25215 – Red Hat Bind Vulnerability

Rewterz Threat Advisory – CVE-2021-29472 – PHP vulnerability allows supply-chain attacks

April 30, 2021

Rewterz Threat Alert – Stealthy RotaJakiro Backdoor Targeting Linux Systems

April 30, 2021

Rewterz Threat Advisory – CVE-2021-25215 – Red Hat Bind Vulnerability

Severity

High

Analysis Summary

CVE-2021-25215

A flaw exists in bind. The vulnerability exists due to an assertion check that can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself. An attacker can exploit this vulnerability to gain availability to the system.

Impact

System Breach

Affected Vendors

RedHat

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power
big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
little endian 7 ppc64le

Remediation

Download the latest patches and updates from https://bugzilla.redhat.com/show_bug.cgi?id=1953857

Rewterz Threat Advisory – CVE-2021-29472 – PHP vulnerability allows supply-chain attacks

Rewterz Threat Alert – Stealthy RotaJakiro Backdoor Targeting Linux Systems

Rewterz Threat Advisory – CVE-2021-25215 – Red Hat Bind Vulnerability

Severity

Analysis Summary

CVE-2021-25215

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan