Total
691 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43786 | 3 Fedoraproject, Redhat, X.org | 3 Fedora, Enterprise Linux, Libx11 | 2024-04-30 | N/A | 5.5 MEDIUM |
| A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. | |||||
| CVE-2023-43785 | 3 Fedoraproject, Redhat, X.org | 3 Fedora, Enterprise Linux, Libx11 | 2024-04-30 | N/A | 5.5 MEDIUM |
| A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. | |||||
| CVE-2023-42756 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-04-30 | N/A | 4.7 MEDIUM |
| A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. | |||||
| CVE-2023-42754 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-04-30 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. | |||||
| CVE-2023-3255 | 3 Fedoraproject, Qemu, Redhat | 3 Fedora, Qemu, Enterprise Linux | 2024-04-30 | N/A | 6.5 MEDIUM |
| A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. | |||||
| CVE-2023-3019 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-04-30 | N/A | 6.5 MEDIUM |
| A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. | |||||
| CVE-2023-39198 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-04-30 | N/A | 6.4 MEDIUM |
| A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. | |||||
| CVE-2023-39194 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-04-30 | N/A | 4.4 MEDIUM |
| A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. | |||||
| CVE-2023-39193 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-04-30 | N/A | 6.0 MEDIUM |
| A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | |||||
| CVE-2023-39189 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-04-30 | N/A | 6.0 MEDIUM |
| A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | |||||
| CVE-2023-40551 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-04-29 | N/A | 5.1 MEDIUM |
| A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. | |||||
| CVE-2023-40550 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-04-29 | N/A | 5.5 MEDIUM |
| An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. | |||||
| CVE-2023-40549 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-04-29 | N/A | 5.5 MEDIUM |
| An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. | |||||
| CVE-2023-40546 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-04-29 | N/A | 5.5 MEDIUM |
| A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances. | |||||
| CVE-2024-0914 | 2 Opencryptoki Project, Redhat | 2 Opencryptoki, Enterprise Linux | 2024-04-25 | N/A | 5.9 MEDIUM |
| A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. | |||||
| CVE-2023-7192 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-04-25 | N/A | 4.4 MEDIUM |
| A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | |||||
| CVE-2023-4459 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-04-25 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. | |||||
| CVE-2023-4091 | 3 Fedoraproject, Redhat, Samba | 5 Fedora, Enterprise Linux, Enterprise Linux Eus and 2 more | 2024-04-22 | N/A | 6.5 MEDIUM |
| A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions. | |||||
| CVE-2022-2127 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-04-22 | N/A | 5.9 MEDIUM |
| An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash. | |||||
| CVE-2020-14383 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2024-04-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not. | |||||