Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux For Power Little Endian
Subscriptions
Total
105 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-42669 | 2 Redhat, Samba | 10 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Ibm Z Systems and 7 more | 2024-11-23 | 6.5 Medium |
| A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task. | ||||
| CVE-2023-3972 | 1 Redhat | 23 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Desktop and 20 more | 2024-11-23 | 7.8 High |
| A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). | ||||
| CVE-2023-38201 | 3 Fedoraproject, Keylime, Redhat | 9 Fedora, Keylime, Enterprise Linux and 6 more | 2024-11-23 | 6.5 Medium |
| A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. | ||||
| CVE-2023-38200 | 3 Fedoraproject, Keylime, Redhat | 9 Fedora, Keylime, Enterprise Linux and 6 more | 2024-11-23 | 7.5 High |
| A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. | ||||
| CVE-2022-27649 | 3 Fedoraproject, Podman Project, Redhat | 15 Fedora, Podman, Developer Tools and 12 more | 2024-11-21 | 7.5 High |
| A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. | ||||
| CVE-2022-1274 | 1 Redhat | 10 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Ibm Z Systems Eus and 7 more | 2024-11-21 | 5.4 Medium |
| A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users. | ||||
| CVE-2022-1227 | 4 Fedoraproject, Podman Project, Psgo Project and 1 more | 19 Fedora, Podman, Psgo and 16 more | 2024-11-21 | 8.8 High |
| A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. | ||||
| CVE-2022-1011 | 6 Debian, Fedoraproject, Linux and 3 more | 39 Debian Linux, Fedora, Linux Kernel and 36 more | 2024-11-21 | 7.8 High |
| A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | ||||
| CVE-2022-0516 | 5 Debian, Fedoraproject, Linux and 2 more | 32 Debian Linux, Fedora, Linux Kernel and 29 more | 2024-11-21 | 7.8 High |
| A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. | ||||
| CVE-2022-0492 | 6 Canonical, Debian, Fedoraproject and 3 more | 36 Ubuntu Linux, Debian Linux, Fedora and 33 more | 2024-11-21 | 7.8 High |
| A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | ||||
| CVE-2022-0435 | 5 Fedoraproject, Linux, Netapp and 2 more | 40 Fedora, Linux Kernel, H300e and 37 more | 2024-11-21 | 8.8 High |
| A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | ||||
| CVE-2022-0330 | 4 Fedoraproject, Linux, Netapp and 1 more | 52 Fedora, Linux Kernel, H300e and 49 more | 2024-11-21 | 7.8 High |
| A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2021-4091 | 2 Port389, Redhat | 11 389-ds-base, Directory Server, Enterprise Linux and 8 more | 2024-11-21 | 7.5 High |
| A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. | ||||
| CVE-2021-3975 | 5 Canonical, Debian, Fedoraproject and 2 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2024-11-21 | 6.5 Medium |
| A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. | ||||
| CVE-2021-3930 | 3 Debian, Qemu, Redhat | 11 Debian Linux, Qemu, Advanced Virtualization and 8 more | 2024-11-21 | 6.5 Medium |
| An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. | ||||
| CVE-2021-3737 | 6 Canonical, Fedoraproject, Netapp and 3 more | 18 Ubuntu Linux, Fedora, Hci and 15 more | 2024-11-21 | 7.5 High |
| A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3733 | 4 Fedoraproject, Netapp, Python and 1 more | 21 Extra Packages For Enterprise Linux, Fedora, Hci Compute Node Firmware and 18 more | 2024-11-21 | 6.5 Medium |
| There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. | ||||
| CVE-2021-3697 | 2 Gnu, Redhat | 14 Grub2, Codeready Linux Builder, Developer Tools and 11 more | 2024-11-21 | 7.0 High |
| A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. | ||||
| CVE-2021-3696 | 3 Gnu, Netapp, Redhat | 15 Grub2, Ontap Select Deploy Administration Utility, Codeready Linux Builder and 12 more | 2024-11-21 | 4.5 Medium |
| A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. | ||||
| CVE-2021-3695 | 4 Fedoraproject, Gnu, Netapp and 1 more | 16 Fedora, Grub2, Ontap Select Deploy Administration Utility and 13 more | 2024-11-21 | 4.5 Medium |
| A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12. | ||||