Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Aus
Subscriptions
Total
1179 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42896 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Rhel Aus and 5 more | 2025-04-21 | 8 High |
| There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url | ||||
| CVE-2024-38428 | 2 Gnu, Redhat | 6 Wget, Enterprise Linux, Rhel Aus and 3 more | 2025-04-21 | 9.1 Critical |
| url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. | ||||
| CVE-2017-1000112 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2025-04-20 | 7.0 High |
| Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005. | ||||
| CVE-2017-1000379 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux, Enterprise Mrg and 6 more | 2025-04-20 | 7.8 High |
| The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected. | ||||
| CVE-2017-17405 | 3 Debian, Redhat, Ruby-lang | 13 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 10 more | 2025-04-20 | N/A |
| Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default value of localfile is File.basename(remotefile), so malicious FTP servers could cause arbitrary command execution. | ||||
| CVE-2017-14491 | 13 Arista, Arubanetworks, Canonical and 10 more | 35 Eos, Arubaos, Ubuntu Linux and 32 more | 2025-04-20 | 9.8 Critical |
| Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | ||||
| CVE-2017-7184 | 3 Canonical, Linux, Redhat | 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-20 | 7.8 High |
| The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. | ||||
| CVE-2017-12613 | 3 Apache, Debian, Redhat | 17 Portable Runtime, Debian Linux, Enterprise Linux and 14 more | 2025-04-20 | 7.1 High |
| When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input. | ||||
| CVE-2017-2647 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux, Enterprise Mrg and 3 more | 2025-04-20 | N/A |
| The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. | ||||
| CVE-2017-1000251 | 4 Debian, Linux, Nvidia and 1 more | 17 Debian Linux, Linux Kernel, Jetson Tk1 and 14 more | 2025-04-20 | 8.0 High |
| The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. | ||||
| CVE-2017-2636 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2025-04-20 | 7.0 High |
| Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. | ||||
| CVE-2017-7895 | 3 Debian, Linux, Redhat | 10 Debian Linux, Linux Kernel, Enterprise Linux and 7 more | 2025-04-20 | 9.8 Critical |
| The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. | ||||
| CVE-2017-5461 | 2 Mozilla, Redhat | 7 Network Security Services, Enterprise Linux, Rhel Aus and 4 more | 2025-04-20 | N/A |
| Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations. | ||||
| CVE-2016-9147 | 2 Isc, Redhat | 6 Bind, Enterprise Linux, Rhel Aus and 3 more | 2025-04-20 | N/A |
| named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets. | ||||
| CVE-2017-1000366 | 8 Debian, Gnu, Mcafee and 5 more | 26 Debian Linux, Glibc, Web Gateway and 23 more | 2025-04-20 | N/A |
| glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | ||||
| CVE-2017-7555 | 2 Augeas, Redhat | 5 Augeas, Enterprise Linux, Rhel Aus and 2 more | 2025-04-20 | N/A |
| Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. | ||||
| CVE-2017-10661 | 3 Debian, Linux, Redhat | 12 Debian Linux, Linux Kernel, Enterprise Linux and 9 more | 2025-04-20 | 7.0 High |
| Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | ||||
| CVE-2017-6074 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2025-04-20 | 7.8 High |
| The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. | ||||
| CVE-2016-9840 | 9 Apple, Boost, Canonical and 6 more | 27 Iphone Os, Mac Os X, Tvos and 24 more | 2025-04-20 | 8.8 High |
| inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | ||||
| CVE-2017-15265 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Enterprise Mrg and 4 more | 2025-04-20 | 7.0 High |
| Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. | ||||