Redhat » Enterprise Linux Workstation : Security Vulnerabilities, CVEs, Published In August 2018 (Gain Privilege)
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
9.8
EPSS Score
1.62%
Published
2018-08-29
Updated
2019-10-03
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-08-21
Updated
2023-02-12
2 vulnerabilities found