Redhat

Enterprise Linux Aus

44 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2020-1045

  • EPSS 20.52%
  • Veröffentlicht 11.09.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 05:09:37

<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th...

5.9

CVE-2020-10711

  • EPSS 5.08%
  • Veröffentlicht 22.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:54

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the...

8.1

CVE-2019-9506

  • EPSS 3.28%
  • Veröffentlicht 14.08.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:51:45

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha...

7.5

CVE-2019-11478

  • EPSS 30.13%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

7.8

CVE-2019-11477

  • EPSS 74.55%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This ha...

9.8

CVE-2019-10126

  • EPSS 3.84%
  • Veröffentlicht 14.06.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:28

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

7

CVE-2019-11811

  • EPSS 0.07%
  • Veröffentlicht 07.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:48

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and ...

5.5

CVE-2018-16878

  • EPSS 0.02%
  • Veröffentlicht 18.04.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:30

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

7.5

CVE-2018-14638

  • EPSS 0.86%
  • Veröffentlicht 14.09.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:29

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.

7.8

CVE-2018-13405

Exploit
  • EPSS 0.15%
  • Veröffentlicht 06.07.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 03:47:02

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a memb...