Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Codeready Linux Builder
Total 34 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0847 7 Fedoraproject, Linux, Netapp and 4 more 39 Fedora, Linux Kernel, H300e and 36 more 2024-07-02 7.2 HIGH 7.8 HIGH
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
CVE-2023-4641 2 Redhat, Shadow-maint 9 Codeready Linux Builder, Codeready Linux Builder For Arm64, Codeready Linux Builder For Ibm Z Systems and 6 more 2024-05-03 N/A 5.5 MEDIUM
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
CVE-2021-3975 5 Canonical, Debian, Fedoraproject and 2 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2024-04-01 N/A 6.5 MEDIUM
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
CVE-2021-31566 5 Debian, Fedoraproject, Libarchive and 2 more 14 Debian Linux, Fedora, Libarchive and 11 more 2024-03-27 N/A 7.8 HIGH
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
CVE-2023-5455 3 Fedoraproject, Freeipa, Redhat 21 Fedora, Freeipa, Codeready Linux Builder and 18 more 2024-02-20 N/A 6.5 MEDIUM
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.
CVE-2023-4732 2 Linux, Redhat 10 Linux Kernel, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 7 more 2024-01-25 N/A 4.7 MEDIUM
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.
CVE-2023-4042 2 Artifex, Redhat 9 Ghostscript, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 6 more 2023-12-27 N/A 5.5 MEDIUM
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
CVE-2023-0179 4 Canonical, Fedoraproject, Linux and 1 more 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more 2023-12-10 N/A 7.8 HIGH
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
CVE-2019-8720 3 Redhat, Webkitgtk, Wpewebkit 24 Codeready Linux Builder, Codeready Linux Builder Eus, Codeready Linux Builder For Arm64 Eus and 21 more 2023-12-10 N/A 8.8 HIGH
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
CVE-2021-3669 5 Debian, Fedoraproject, Ibm and 2 more 24 Debian Linux, Fedora, Spectrum Copy Data Management and 21 more 2023-12-10 N/A 5.5 MEDIUM
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
CVE-2021-3659 3 Fedoraproject, Linux, Redhat 17 Fedora, Linux Kernel, Codeready Linux Builder and 14 more 2023-12-10 N/A 5.5 MEDIUM
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
CVE-2021-3695 4 Fedoraproject, Gnu, Netapp and 1 more 14 Fedora, Grub2, Ontap Select Deploy Administration Utility and 11 more 2023-12-10 4.4 MEDIUM 4.5 MEDIUM
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12.
CVE-2021-23177 4 Debian, Fedoraproject, Libarchive and 1 more 13 Debian Linux, Fedora, Libarchive and 10 more 2023-12-10 N/A 7.8 HIGH
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
CVE-2021-3697 2 Gnu, Redhat 12 Grub2, Codeready Linux Builder, Developer Tools and 9 more 2023-12-10 4.4 MEDIUM 7.0 HIGH
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
CVE-2021-3696 3 Gnu, Netapp, Redhat 13 Grub2, Ontap Select Deploy Administration Utility, Codeready Linux Builder and 10 more 2023-12-10 6.9 MEDIUM 4.5 MEDIUM
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
CVE-2021-3656 3 Fedoraproject, Linux, Redhat 26 Fedora, Linux Kernel, 3scale Api Management and 23 more 2023-12-10 7.2 HIGH 8.8 HIGH
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
CVE-2021-20257 4 Debian, Fedoraproject, Qemu and 1 more 8 Debian Linux, Fedora, Qemu and 5 more 2023-12-10 2.1 LOW 6.5 MEDIUM
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25717 5 Canonical, Debian, Fedoraproject and 2 more 25 Ubuntu Linux, Debian Linux, Fedora and 22 more 2023-12-10 8.5 HIGH 8.1 HIGH
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
CVE-2022-0492 6 Canonical, Debian, Fedoraproject and 3 more 30 Ubuntu Linux, Debian Linux, Fedora and 27 more 2023-12-10 6.9 MEDIUM 7.8 HIGH
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVE-2021-3744 5 Debian, Fedoraproject, Linux and 2 more 24 Debian Linux, Fedora, Linux Kernel and 21 more 2023-12-10 2.1 LOW 5.5 MEDIUM
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.