Redhat » Enterprise Linux Workstation : Security Vulnerabilities, CVEs, Published In August 2018 (Memory corruption)
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
Max CVSS
7.5
EPSS Score
3.60%
Published
2018-08-30
Updated
2023-02-03
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-08-21
Updated
2023-02-12
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.14%
Published
2018-08-28
Updated
2018-10-25
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Max CVSS
8.8
EPSS Score
1.26%
Published
2018-08-28
Updated
2018-10-30
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Max CVSS
8.8
EPSS Score
1.26%
Published
2018-08-28
Updated
2018-10-30
Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.
Max CVSS
8.8
EPSS Score
2.01%
Published
2018-08-28
Updated
2018-11-20
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
2.22%
Published
2018-08-28
Updated
2018-11-07
7 vulnerabilities found