Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Aus
Total 42 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-10661 3 Debian, Linux, Redhat 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more 2024-03-14 7.6 HIGH 7.0 HIGH
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
CVE-2019-11477 6 Canonical, F5, Ivanti and 3 more 24 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more 2024-02-27 7.8 HIGH 7.5 HIGH
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
CVE-2019-11478 6 Canonical, F5, Ivanti and 3 more 24 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more 2024-02-27 5.0 MEDIUM 7.5 HIGH
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
CVE-2020-1045 3 Fedoraproject, Microsoft, Redhat 6 Fedora, Asp.net Core, Enterprise Linux and 3 more 2023-12-31 5.0 MEDIUM 7.5 HIGH
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>
CVE-2023-3972 1 Redhat 19 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Desktop and 16 more 2023-12-10 N/A 7.8 HIGH
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).
CVE-2023-0494 3 Fedoraproject, Redhat, X.org 18 Fedora, Enterprise Linux, Enterprise Linux Aus and 15 more 2023-12-10 N/A 7.8 HIGH
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
CVE-2021-3669 5 Debian, Fedoraproject, Ibm and 2 more 24 Debian Linux, Fedora, Spectrum Copy Data Management and 21 more 2023-12-10 N/A 5.5 MEDIUM
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
CVE-2021-20316 3 Debian, Redhat, Samba 7 Debian Linux, Enterprise Linux, Enterprise Linux Aus and 4 more 2023-12-10 N/A 6.8 MEDIUM
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
CVE-2021-3609 3 Linux, Netapp, Redhat 43 Linux Kernel, H300e, H300e Firmware and 40 more 2023-12-10 6.9 MEDIUM 7.0 HIGH
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
CVE-2021-3570 4 Debian, Fedoraproject, Linuxptp Project and 1 more 7 Debian Linux, Fedora, Linuxptp and 4 more 2023-12-10 8.0 HIGH 8.8 HIGH
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.
CVE-2020-14391 2 Gnome, Redhat 5 Control Center, Enterprise Linux, Enterprise Linux Aus and 2 more 2023-12-10 2.1 LOW 5.5 MEDIUM
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality.
CVE-2020-14355 5 Canonical, Debian, Opensuse and 2 more 10 Ubuntu Linux, Debian Linux, Leap and 7 more 2023-12-10 6.5 MEDIUM 6.6 MEDIUM
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
CVE-2020-10711 5 Canonical, Debian, Linux and 2 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2023-12-10 4.3 MEDIUM 5.9 MEDIUM
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.
CVE-2019-9506 8 Apple, Blackberry, Canonical and 5 more 274 Iphone Os, Mac Os X, Tvos and 271 more 2023-12-10 4.8 MEDIUM 8.1 HIGH
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
CVE-2018-16878 6 Canonical, Clusterlabs, Debian and 3 more 9 Ubuntu Linux, Pacemaker, Debian Linux and 6 more 2023-12-10 2.1 LOW 5.5 MEDIUM
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2019-11811 3 Linux, Opensuse, Redhat 9 Linux Kernel, Leap, Enterprise Linux and 6 more 2023-12-10 6.9 MEDIUM 7.0 HIGH
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
CVE-2019-10126 6 Canonical, Debian, Linux and 3 more 26 Ubuntu Linux, Debian Linux, Linux Kernel and 23 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
CVE-2018-14638 2 Fedoraproject, Redhat 7 389 Directory Server, Enterprise Linux Aus, Enterprise Linux Desktop and 4 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
CVE-2018-13405 6 Canonical, Debian, F5 and 3 more 27 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 24 more 2023-12-10 4.6 MEDIUM 7.8 HIGH
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
CVE-2017-7847 3 Debian, Mozilla, Redhat 7 Debian Linux, Thunderbird, Enterprise Linux Aus and 4 more 2023-12-10 4.3 MEDIUM 4.3 MEDIUM
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.