Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 4.33%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:20:25

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...

  • EPSS 98.75%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This ha...

  • EPSS 94.69%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

  • EPSS 91.66%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial ...

  • EPSS 0.51%
  • Veröffentlicht 18.06.2019 18:15:09
  • Zuletzt bearbeitet 21.11.2024 01:46:43

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to p...

  • EPSS 3.22%
  • Veröffentlicht 17.06.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:49:41

An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadabl...

  • EPSS 6.82%
  • Veröffentlicht 14.06.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:28

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

  • EPSS 0.51%
  • Veröffentlicht 12.06.2019 14:29:02
  • Zuletzt bearbeitet 21.11.2024 04:18:32

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check v...

  • EPSS 0.53%
  • Veröffentlicht 05.06.2019 15:29:03
  • Zuletzt bearbeitet 21.11.2024 04:52:14

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash ...

  • EPSS 0.62%
  • Veröffentlicht 03.06.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:11

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dere...