Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Red Hat Summit – learn how to reduce the pressure of patching Red Hat Enterprise Linux

By Archis Gore

‘Administrators who fail to patch their systems are one of the greatest threats to server security’ Red Hat security guide. Time to take the responsibility off your admin’s shoulders 

To coincide with this week’s virtual Red Hat Summit we wanted to provide some support to the people that manage the patching and security of Linux systems, especially as Working From Home is adding complexity and unwanted pressure.

From a historical perspective, starting right around 1998 or so, Linux has grown to become the platform for digital transformation in the modern enterprise. Starting with file/print, home directories, email and web servers, Linux now runs applications for big data, artificial intelligence/machine-learning, containers and Kubernetes. From a workload and use case perspective, Linux has matured to take on business continuity, fraud detection, supply chain processing, supercomputing and more. From a vertical market perspective, Linux is now found in just about every sector, with a particular strong showing in Financial Services, Manufacturing, Healthcare, and Government. And in the challenging days of 2020, Linux has shined by helping organizations address new challenges around security, business continuity and working from home.

Linux is enterprise-grade. And the leading enterprise-grade version of Linux, is Red Hat. According to the IDC report, “Worldwide Server Operating Environments Market Shares, 2018: Overall Market Growth Accelerates,”:

  • Red Hat Enterprise Linux subscriptions represent more than 33% of the total paid enterprise operating system environments
  • Linux in its entirety (paid and unpaid distributions) made up over 70% of all server deployments

However, as per Red Hat’s own security guide, ‘All software contains bugs. Often, these bugs can result in a vulnerability that can expose your system to malicious users. Packages that have not been updated are a common cause of computer intrusions.’

Red Hat quite rightly recommends that you ‘Implement a plan for installing security patches in a timely manner to quickly eliminate discovered vulnerabilities, so they cannot be exploited.’ (For a full list of all Red Hat security vulnerabilities go to

As Red Hat’s security guide also states, ‘Administrators who fail to patch their systems are one of the greatest threats to server security’.

Unfortunately, as we all know, the best laid plans often go awry and patching often ends up being done at the weekend to avoid unwanted downtime, or in a panic, when it’s critical. This statement also assumes that the only threat to Linux security are from known vulnerabilities to which there is a patch available.

A patch gap is generally understood to be the period from when a vulnerability is discovered to the point when a patch is deployed to fix it. However, there’s plenty of evidence that the attack threshold is open for a considerable time before the point of formal discovery. This is the ideal scenario for hackers. If they find the weakness first, they can work under the radar and exploit it while no one is the wiser.

Let’s do a little simple math to show what the breadth of the problem looked like in 2018 (note – we’ve rounded up below):

  • Total Linux Servers in 2018 = 12 million servers
  • Source IDC: Total Servers = 17.1 million, 70% are running Linux
  • Total Linux Servers with Potential Patch Gap in 2018 = almost 7 million

And as per our previous blog ‘The Patch Gap – it’s much bigger than you think’, the patch gap in Linux is much, much bigger than commonly acknowledged – a whopping 2,618 days.

Therefore, a radically different approach is needed for protection throughout this entire patch gap period. Polymorphing protects your Linux systems against known and unknown vulnerabilities whether your systems are patched or unpatched without any negative impact on application performance or disruptive changes to working practices.

In fact, as Jeremy Russell, Director DevOps for LegalShield explains in the LegalShield customer success story, the solution makes server administration easier: “With Polymorphing for Linux, the additional layer of protection means we don’t need to drop everything to install security patches. We’ve adopted a standard cadence for patching, in support of our other security monitoring and detection measures. At a time when more of us are working from home, this helps us keep systems protected without interrupting other projects.”

To find out how you could add another layer of security to your Red Hat Enterprise Linux and relieve the pressure from patching and security through Polymorphing, sign up for our webinar here. ‘Protect patched, and unpatched Linux servers from known/unknown vulnerabilities, May 12, 11am PST.’

Interested in learning more?

Be the first to hear about the latest product releases and cybersecurity news.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.