Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.53%
  • Veröffentlicht 30.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:13

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

  • EPSS 0.7%
  • Veröffentlicht 30.07.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:32:03

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr...

Exploit
  • EPSS 11.93%
  • Veröffentlicht 27.07.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:06

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack ...

  • EPSS 0.46%
  • Veröffentlicht 27.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:50

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.

Exploit
  • EPSS 0.72%
  • Veröffentlicht 27.07.2018 18:29:01
  • Zuletzt bearbeitet 21.11.2024 03:42:13

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

  • EPSS 1.28%
  • Veröffentlicht 27.07.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:47

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable,...

  • EPSS 1.03%
  • Veröffentlicht 27.07.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:51

It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially...

Exploit
  • EPSS 0.53%
  • Veröffentlicht 27.07.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:51

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing...

  • EPSS 4.6%
  • Veröffentlicht 27.07.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:08:56

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attac...

Exploit
  • EPSS 0.86%
  • Veröffentlicht 26.07.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:12

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.