A researcher found a trivial bypass for CVE-2021-20253 by sending mail to the awx user, thereby leveraging postfix to create a folder owned by awx, then placing a binary in that folder that lets a low-privilege user elevate to awx outside the isolation jail.
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.1 for RHEL 8 Via RHSA-2022:0460 https://access.redhat.com/errata/RHSA-2022:0460
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.0 for RHEL 8 Via RHSA-2022:0474 https://access.redhat.com/errata/RHSA-2022:0474
This issue has been addressed in the following products: Red Hat Ansible Tower 3.8 for RHEL 7 Via RHSA-2022:0482 https://access.redhat.com/errata/RHSA-2022:0482
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-4112
For Ansible Tower 3.8, this is addressed in the ansible-tower 3.8.5-2 and ansible-runner 1.4.7-2 RPMs, which are included in ansible-tower-setup-bundle-3.8.5-2.tar.gz/ansible-automation-platform-setup-bundle-1.2.6-2.tar.gz.