Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux
Total 1270 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41819 6 Debian, Fedoraproject, Opensuse and 3 more 9 Debian Linux, Fedora, Factory and 6 more 2022-01-21 5.0 MEDIUM 7.5 HIGH
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVE-2021-4104 3 Apache, Fedoraproject, Redhat 20 Log4j, Fedora, Codeready Studio and 17 more 2022-01-18 6.0 MEDIUM 7.5 HIGH
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2021-4166 5 Debian, Opensuse, Redhat and 2 more 5 Debian Linux, Factory, Enterprise Linux and 2 more 2022-01-15 5.8 MEDIUM 7.1 HIGH
vim is vulnerable to Out-of-bounds Read
CVE-2021-44733 4 Debian, Fedoraproject, Linux and 1 more 4 Debian Linux, Fedora, Linux Kernel and 1 more 2022-01-14 4.4 MEDIUM 7.0 HIGH
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
CVE-2021-45463 4 Fedoraproject, Gegl, Gimp and 1 more 4 Fedora, Gegl, Gimp and 1 more 2022-01-13 6.8 MEDIUM 7.8 HIGH
GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load.
CVE-2021-41817 6 Debian, Fedoraproject, Opensuse and 3 more 9 Debian Linux, Fedora, Factory and 6 more 2022-01-11 5.0 MEDIUM 7.5 HIGH
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
CVE-2021-45078 4 Debian, Fedoraproject, Gnu and 1 more 4 Debian Linux, Fedora, Binutils and 1 more 2022-01-10 6.8 MEDIUM 7.8 HIGH
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
CVE-2021-3622 2 Fedoraproject, Redhat 4 Fedora, Enterprise Linux, Enterprise Linux Workstation and 1 more 2022-01-10 4.3 MEDIUM 4.3 MEDIUM
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.
CVE-2021-4024 3 Fedoraproject, Podman Project, Redhat 3 Fedora, Podman, Enterprise Linux 2022-01-07 6.4 MEDIUM 6.5 MEDIUM
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.
CVE-2021-3621 3 Fedoraproject, Redhat, Sssd 8 Fedora, Enterprise Linux, Enterprise Linux Eus and 5 more 2022-01-07 9.3 HIGH 8.8 HIGH
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2021-3653 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2022-01-06 6.1 MEDIUM 8.8 HIGH
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
CVE-2021-3416 4 Debian, Fedoraproject, Qemu and 1 more 4 Debian Linux, Fedora, Qemu and 1 more 2022-01-04 2.1 LOW 6.0 MEDIUM
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
CVE-2021-4048 5 Fedoraproject, Julialang, Lapack Project and 2 more 8 Fedora, Julia, Lapack and 5 more 2022-01-04 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
CVE-2019-13456 4 Freeradius, Linux, Opensuse and 1 more 4 Freeradius, Linux Kernel, Leap and 1 more 2022-01-01 2.9 LOW 6.5 MEDIUM
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
CVE-2020-14382 4 Canonical, Cryptsetup Project, Fedoraproject and 1 more 4 Ubuntu Linux, Cryptsetup, Fedora and 1 more 2022-01-01 6.8 MEDIUM 7.8 HIGH
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.
CVE-2020-14318 2 Redhat, Samba 3 Enterprise Linux, Storage, Samba 2022-01-01 4.0 MEDIUM 4.3 MEDIUM
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
CVE-2020-25656 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2022-01-01 1.9 LOW 4.1 MEDIUM
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-20245 4 Debian, Fedoraproject, Imagemagick and 1 more 4 Debian Linux, Fedora, Imagemagick and 1 more 2022-01-01 7.1 HIGH 5.5 MEDIUM
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
CVE-2021-3679 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2022-01-01 2.1 LOW 5.5 MEDIUM
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-38160 4 Debian, Linux, Netapp and 1 more 9 Debian Linux, Linux Kernel, Element Software and 6 more 2022-01-01 7.2 HIGH 7.8 HIGH
** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.