Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3507 2 Qemu, Redhat 2 Qemu, Enterprise Linux 2021-05-17 3.6 LOW 6.1 MEDIUM
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.
CVE-2019-14865 2 Gnu, Redhat 3 Grub2, Enterprise Linux, Enterprise Linux Eus 2021-05-17 4.9 MEDIUM 5.5 MEDIUM
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
CVE-2021-20232 3 Fedoraproject, Gnu, Redhat 3 Fedora, Gnutls, Enterprise Linux 2021-05-17 7.5 HIGH 9.8 CRITICAL
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
CVE-2021-3482 2 Exiv2, Redhat 2 Exiv2, Enterprise Linux 2021-05-14 6.4 MEDIUM 6.5 MEDIUM
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
CVE-2021-20271 3 Fedoraproject, Redhat, Rpm 3 Fedora, Enterprise Linux, Rpm 2021-05-14 5.1 MEDIUM 7.0 HIGH
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
CVE-2021-3501 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2021-05-14 3.6 LOW 7.1 HIGH
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.
CVE-2021-20254 3 Fedoraproject, Redhat, Samba 3 Fedora, Enterprise Linux, Samba 2021-05-14 5.5 MEDIUM 8.1 HIGH
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.
CVE-2020-35508 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2021-05-13 4.4 MEDIUM 4.5 MEDIUM
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
CVE-2013-0222 2 Opensuse, Redhat 2 Opensuse, Enterprise Linux 2021-05-13 2.1 LOW N/A
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.
CVE-2013-0221 2 Opensuse, Redhat 2 Opensuse, Enterprise Linux 2021-05-13 4.3 MEDIUM N/A
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.
CVE-2013-0223 2 Opensuse, Redhat 2 Opensuse, Enterprise Linux 2021-05-13 1.9 LOW N/A
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function.
CVE-2018-18584 6 Cabextract Project, Canonical, Debian and 3 more 6 Cabextract, Ubuntu Linux, Debian Linux and 3 more 2021-05-12 4.3 MEDIUM 6.5 MEDIUM
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
CVE-2018-1000632 5 Debian, Dom4j Project, Netapp and 2 more 15 Debian Linux, Dom4j, Oncommand Workflow Automation and 12 more 2021-05-12 5.0 MEDIUM 7.5 HIGH
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.
CVE-2020-27786 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2021-05-12 7.2 HIGH 7.8 HIGH
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-25705 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2021-05-11 5.8 MEDIUM 7.4 HIGH
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.
CVE-2021-3416 3 Fedoraproject, Qemu, Redhat 3 Fedora, Qemu, Enterprise Linux 2021-05-07 2.1 LOW 6.0 MEDIUM
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
CVE-2021-3393 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Software Collections 2021-05-07 3.5 LOW 4.3 MEDIUM
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
CVE-2021-3409 3 Fedoraproject, Qemu, Redhat 3 Fedora, Qemu, Enterprise Linux 2021-05-07 4.6 MEDIUM 5.7 MEDIUM
The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.
CVE-2021-20270 3 Fedoraproject, Pygments, Redhat 6 Fedora, Pygments, Enterprise Linux and 3 more 2021-05-06 5.0 MEDIUM 7.5 HIGH
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
CVE-2021-20291 2 Redhat, Storage Project 3 Enterprise Linux, Openshift Container Platform, Storage 2021-05-06 7.1 HIGH 6.5 MEDIUM
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).