Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

The Red Hat yum-rhn-plugin is prone to a denial-of-service vulnerability because it fails to adequately validate communication with Red Hat Network (RHN) servers.

Attackers can exploit this issue to prevent users from accessing security updates. This can provide a window of opportunity for an attacker to exploit a vulnerability addressed by a security update.

NOTE: This issue cannot be leveraged to install malicious packages because package signatures are still verified prior to installation.


 

Copyright 2010, SecurityFocus