Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.36%
  • Veröffentlicht 09.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in ne...

  • EPSS 0.47%
  • Veröffentlicht 08.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 02:05:10

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.

  • EPSS 2.67%
  • Veröffentlicht 29.12.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

  • EPSS 0.51%
  • Veröffentlicht 29.12.2017 15:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelev...

  • EPSS 5.5%
  • Veröffentlicht 18.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server...

  • EPSS 0.43%
  • Veröffentlicht 18.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.

  • EPSS 0.4%
  • Veröffentlicht 07.12.2017 02:29:13
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

  • EPSS 0.38%
  • Veröffentlicht 30.11.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

  • EPSS 0.39%
  • Veröffentlicht 15.11.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occur...

  • EPSS 0.37%
  • Veröffentlicht 05.10.2017 01:29:04
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_...