My Oracle Support Banner

How to Apply the Cloudera CDH 6.3.4/CM 6.3.4 Patches for CVE-2021-44228 and CVE-2021-45105 on BDA 5.2 with OL6 or OL7 with No Other CDH or CM Patches Applied (Doc ID 2856711.1)

Last updated on AUGUST 08, 2022

Applies to:

Big Data Appliance Integrated Software - Version 5.2.0 to 5.2.0 [Release 5.0]
Linux x86-64

Purpose

These instructions are for applying the patches provided by Cloudera for CM 6.3.4/CDH 6.3.4 clusters with no additional Cloudera Manager(CM) or CDH patches applied, to address CVE-2021-44228 and CVE-2021-45105. 

As such these instructions apply to BDA 5.2 OL6 or OL7 with no additional CM or CDH patches.  If any additional CM or CDH patches have been applied to the BDA 5.2 cluster, open an SR with Oracle Support to request a CM or CDH patch for CVE-2021-44228 and CVE-2021-45105 with the already installed patches included.  If this is not done applying the patches here will overwrite the existing CM or CDH patches on the cluster.

Scope

BDA 5.2 OL6 or OL7 clusters with no additional CM or CDH patches applied where a patch for CVE-2021-44228 and CVE-2021-45105 is preferred over the steps to mitigate CVE-2021-44228 provided in: TSB 2021-545: Critical vulnerability in log4j2 CVE-2021-44228 (Doc ID 2828023.1).

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
 Frequently Asked Questions
 Get the Two Patches from MOS, One for Patching Cloudera Manager(CM); One for Patching CDH
 Perform Initial Health Checks
 Preliminary Scan for log4j Vulnerabilities in the CM/CDH Packages
 Apply the Cloudera Manager Patch: Patch 33933465: PATCH BUILD OF PATCH-5202 FOR CLOUDERA MANAGER 6.3.4
 Apply the CDH patch: Patch 33933446: PATCH BUILD OF PATCH-5205 FOR CDH 6.3.4
 Post Patching Checks
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.