Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.5%
  • Veröffentlicht 27.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:23:40

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination dire...

  • EPSS 1.01%
  • Veröffentlicht 25.08.2021 19:15:14
  • Zuletzt bearbeitet 21.11.2024 06:21:57

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to appli...

Exploit
  • EPSS 0.37%
  • Veröffentlicht 13.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:52

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_bl...

  • EPSS 0.24%
  • Veröffentlicht 13.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:02

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

  • EPSS 2.81%
  • Veröffentlicht 12.08.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:21

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.

  • EPSS 0.4%
  • Veröffentlicht 07.08.2021 04:15:06
  • Zuletzt bearbeitet 05.05.2025 14:12:40

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is...

  • EPSS 0.31%
  • Veröffentlicht 05.08.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:22:05

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

  • EPSS 2.69%
  • Veröffentlicht 05.08.2021 21:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:53

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

  • EPSS 0.73%
  • Veröffentlicht 05.08.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:08

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw ...

  • EPSS 2.9%
  • Veröffentlicht 05.08.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:09

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this fla...